Help neede Generating a V3 self-signed certificate from a CSR

Fri, 11 Nov 2011 11:50:46 -0800 

Hello there,

 

I have a problem. I am attempting to generate a self-signed (for internal
use) certificate with multiple SAN and all I can get is a V1 certificate
with no SAN at all. Any help would be greatly appreciated.

 

Here is the detail of my attempt:

 

# Generate a 2048 RSA key

OpenSSL genrsa -out test.key 2048

 

# Generate the certificate signature request

OpenSSL req -new -key test.key -config test.cfg -out test.csr

 

# Generate the self signed certificate

OpenSSL x509 -req -days 3650 -signkey test.key -in test.csr -out test.crt

 

Included are all the file created (Key, csr and crt).

 

Here is an output of the csr:

Certificate Request:

    Data:

        Version: 0 (0x0)

        Subject: C=CA, ST=Ontario, L=Ottawa, O=Test, CN=Test.com

        Subject Public Key Info:

            Public Key Algorithm: rsaEncryption

                Public-Key: (2048 bit)

                Modulus:

                    00:b0:4f:ec:f3:71:b6:d2:69:f9:4a:f4:8c:70:2c:

                    7e:62:91:74:9d:f7:ba:e0:d2:f4:5c:d7:99:2b:3d:

                    fe:4a:39:dd:58:5f:9d:f9:50:3e:a5:3e:55:ff:1b:

                    ef:9b:09:85:1e:a4:d2:bf:77:0e:b7:d6:86:fd:ef:

                    0a:c1:0d:d7:55:9c:94:79:f2:20:a2:f3:22:4a:f8:

                    01:20:43:14:f6:20:d7:52:43:ae:fd:27:a7:fa:b7:

                    45:03:cc:5a:19:50:32:ae:28:22:2a:94:f8:46:30:

                    33:76:4e:dd:23:06:d2:fc:a7:3b:4b:c7:11:57:fd:

                    85:bd:03:85:fa:fb:70:9a:e0:a2:61:d8:af:a6:14:

                    db:7e:3c:6b:ff:14:1f:a0:43:aa:1a:38:34:e9:08:

                    dc:cc:1f:4a:07:0b:68:83:f1:6c:3d:9d:d7:d3:c6:

                    d6:20:77:b7:aa:3a:fa:09:b5:61:f2:ae:f8:d5:b8:

                    88:76:97:6a:75:c6:0f:b1:c1:00:a5:90:d4:a8:11:

                    f8:6c:20:05:16:70:b1:48:dd:d2:27:39:21:e3:13:

                    a5:35:56:65:8b:8e:e6:6a:f2:21:4d:60:3c:28:1f:

                    8f:ff:f8:66:37:c9:f7:a6:dd:0a:e5:e1:bf:87:3a:

                    56:79:4e:fd:2e:c6:39:15:da:04:51:5f:e7:0a:3b:

                    1a:15

                Exponent: 65537 (0x10001)

        Attributes:

        Requested Extensions:

            X509v3 Subject Alternative Name:

                DNS:test1.com, DNS:test2.com, DNS:test3.com, DNS:test4.com

    Signature Algorithm: sha1WithRSAEncryption

        25:26:42:e0:a2:36:33:b1:6e:fd:1c:a0:96:2b:b3:a9:b8:8d:

        3f:c9:5e:4a:a8:49:c4:d6:3b:eb:79:e2:37:12:fe:18:4c:92:

        2f:08:16:3c:31:a3:e6:37:82:b6:bd:21:81:99:57:f2:77:9b:

        fe:78:f4:93:3e:fc:ce:fe:31:79:e0:0a:96:6e:f9:32:a6:68:

        cf:a1:c6:b4:39:37:93:57:d8:93:1f:2e:8e:f1:3a:90:fd:b6:

        b6:72:5d:bb:41:81:15:24:20:ed:7a:12:77:f7:0e:8b:18:11:

        ce:e6:9b:e2:25:b0:52:a4:37:50:7f:6a:7a:37:71:e0:c5:05:

        ca:45:76:54:54:72:58:6e:5b:94:0b:63:89:c6:89:a2:ee:58:

        91:f8:e4:2a:25:89:52:4b:f0:32:d1:e8:5c:5b:d4:4b:3f:3b:

        6d:55:81:b0:de:9c:9a:41:f3:15:e0:7f:21:ce:f4:3b:69:fd:

        76:10:9f:19:86:03:a1:fc:bb:0b:13:0f:f1:48:15:12:3b:8d:

        06:27:ff:51:c4:f5:b3:cd:21:08:24:70:06:87:ad:f8:9f:28:

        53:84:a0:c8:6b:eb:21:b7:40:de:9f:15:10:c7:ea:0f:3b:5e:

        d0:f1:e4:3b:af:c3:af:64:6c:c7:60:c4:62:d6:32:86:ce:26:

        a1:26:b0:38

 

Thanks,

 

 

Benoit Rouleau

Senior Web/Software Developer

Reply via email to