Michael Leone on 26 Jun 2019 09:24:05 -0700
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Chrome and Certificates (WAS:Fwd: Confused - certificate is valid in IE/Edge but not in Chrome?)
- From: Michael Leone <firstname.lastname@example.org>
- To: "Philadelphia Linux User's Group Discussion List" <email@example.com>
- Subject: Re: [PLUG] Chrome and Certificates (WAS:Fwd: Confused - certificate is valid in IE/Edge but not in Chrome?)
- Date: Wed, 26 Jun 2019 12:23:48 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mike-leone.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=dji4dc6jMCyV1nIUKwNQxVr5ohEee4Dc+Vz77Pv4fwM=; b=DjmDQMgFc4A4MjL4pI/wpu2JwQpQt/iC6oUJF/6Aja86UHgoNRFBKP1ECb/3WxdO1v ivgXwXuCnkHguRiEgLbeUL65MDS7Ti8+UPVj8SBCNL93i0Ta5iql0kBeAoUxnPoLQn2i Wq1ANPe81r2x4fmIIEwqLCGcaszq1wpNWCQ1I=
- Reply-to: Philadelphia Linux User's Group Discussion List <firstname.lastname@example.org>
- Sender: "plug" <email@example.com>
Yep. Not even "can"; "is".
FWIW, I believe you can tell openssl to include any SANs in the CSR
automatically (but you'd still need to define those in the config used
to generate the CSR).
AH. But I am not creating the CSR (from openssl). The CSR is coming from the client, which is an IIS server. So what do I do, include those @alt_names in the [ server-cert ] section?
And how then do I tell openssl to include those options in the signed cert (as opposed to putting it in the CSR, which I am not creating with openssl)?
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug