Due to the bug in mod_nss that prevents SNI from functioning (i.e. limits a port to a single certificate) I need to add SANs (SubjectAltName) to the certificate that freeipa created for the webserver (Server-Cert) so that I can add more virtual hosts to the same Apache instance (yes, I know this is not advised but budgetary constraints are at play here).
How do I go about that? Do I want to resubmit the certificate request with some -D alt.name1 -D alt.name2, etc. parameters as such: # ipa-getcert resubmit -i <Request ID> -D alt.name1 -D alt.name2 Is that the correct operation? If so, is there anything more I need to do after that? Cheers, b.
signature.asc
Description: This is a digitally signed message part
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
