Hey Michael Mueller, do you think I can work with you to get this resolved? I am my own CA as well and have made all of the changes mentioned by the group members.
Thanks, Hector L. Jaquez Jr. Data Security Analyst II HQ AAFES, Information Technology Governance W 214-312-4449 BB 214-794-3641 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael Mueller Sent: Wednesday, December 12, 2012 7:40 AM To: openssl-users@openssl.org Subject: Re: extensions in certifications On Tue, Dec 11, 2012 at 7:10 PM, Michael Mueller <abaci....@gmail.com<mailto:abaci....@gmail.com>> wrote: On Tue, Dec 11, 2012 at 6:10 PM, Dave Thompson <dthomp...@prinpay.com<mailto:dthomp...@prinpay.com>> wrote: >From: owner-openssl-us...@openssl.org<mailto:owner-openssl-us...@openssl.org> >On Behalf Of Michael Mueller >Sent: Tuesday, 11 December, 2012 15:45 >Could I get a nudge. I'd like to get the SANs to show up in my certs. <snip> If you are the CA, and you are using openssl 'ca' commandline, configure copy_extensions as per the man page (and read the warning). If you don't have man pages on your system e.g. Windows http://www.openssl.org/docs/apps/ca.html <snip> It worked: [ ca ] default_ca = exampleca [ exampleca ] copy_extensions = copy # copy extensions from request [ certificate_extensions ] basicConstraints = CA:false # per WARNING Thanks again
