Jonathan Schwehm via plug on 5 Feb 2020 08:30:49 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] openssl and specifying subjectAltName


For a bash solution, I tweaked this to use my local CA cert @work.

https://github.com/loganstellway/self-signed-ssl/blob/master/self-signed-tls

Jonathan

Sent from Yahoo Mail on Android

On Wed, Feb 5, 2020 at 11:23 AM, brent timothy saner via plug
<plug@lists.phillylinux.org> wrote:
On 2/5/20 11:10, Michael Leone via plug wrote:
>
> Is that doable? I haven't seen how ...

nope; you haven't seen it because it isn't doable. OpenSSL expects a
static environment.

if you *really* don't want to write an openssl.cnf, just gen a CSR in
python with pyOpenSSL[0] or something. or turn up a managed PKI with
something like Vault[1].


[0] https://www.pyopenssl.org/en/stable/

[1]
https://www.vaultproject.io/docs/secrets/pki/index.html

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug