Re: [PLUG] openssl and specifying subjectAltName

Jonathan Schwehm via plug on 5 Feb 2020 08:30:49 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] openssl and specifying subjectAltName

From: Jonathan Schwehm via plug <plug@lists.phillylinux.org>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] openssl and specifying subjectAltName
Date: Wed, 5 Feb 2020 16:30:43 +0000 (UTC)
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1580920244; bh=4maYVH8/MbBoczHil7X8zWBJZAhzrhASacjj/k/vjfE=; h=Date:From:Reply-To:To:In-Reply-To:References:Subject:From:Subject; b=FjL7NCq8NZFTAX8r4USffYya2lHXXYXdgssXYQvipN6mGQpTsUsfz9+hyQOCP+R80eUhJFQhpsSUN4sEQBIx4wSKyB0fKiWmoKNXpifMxlgW49XNDeA+efiVwXuByALynjWZnZd0YkZ84e6NzL6GEvcvPR4cpBqSrroJ1eBqgZVGBq/yqx6S4uaaIK4w7ccwIO23Hc/d3j8Z2slXh9Mb+k6tYRRpjbzqL0Z279ZYhOXkWdC4ru7zfupgFKNNiAT3uOn1JLFpc9Z3I7kuEA4+AhM2tnY3VPjQZ65c0GRz7LjVeiDExYyTkKC2J6PyV2Ip7H4mo+59qR98MIo08QgHrw==
Reply-to: "jmschwehm@yahoo.com" <jmschwehm@yahoo.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

For a bash solution, I tweaked this to use my local CA cert @work.

https://github.com/loganstellway/self-signed-ssl/blob/master/self-signed-tls

Jonathan

Sent from Yahoo Mail on Android

On Wed, Feb 5, 2020 at 11:23 AM, brent timothy saner via plug
<plug@lists.phillylinux.org> wrote:

On 2/5/20 11:10, Michael Leone via plug wrote:
>
> Is that doable? I haven't seen how ...

nope; you haven't seen it because it isn't doable. OpenSSL expects a
static environment.

if you *really* don't want to write an openssl.cnf, just gen a CSR in
python with pyOpenSSL[0] or something. or turn up a managed PKI with
something like Vault[1].

[0] https://www.pyopenssl.org/en/stable/

[1]
https://www.vaultproject.io/docs/secrets/pki/index.html

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] openssl and specifying subjectAltName
  - From: Michael Leone via plug <plug@lists.phillylinux.org>

References:
- [PLUG] openssl and specifying subjectAltName
  - From: Michael Leone via plug <plug@lists.phillylinux.org>
- Re: [PLUG] openssl and specifying subjectAltName
  - From: brent timothy saner via plug <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] openssl and specifying subjectAltName
Next by Date: Re: [PLUG] openssl and specifying subjectAltName
Previous by thread: Re: [PLUG] openssl and specifying subjectAltName
Next by thread: Re: [PLUG] openssl and specifying subjectAltName
Index(es):
- Date
- Thread