You are doing it correctly. However, the DNS SubjectAltName only works with
FreeIPA 4.0+. The CA profile before this version does not allow them.
This is the upstream ticket:
https://fedorahosted.org/freeipa/ticket/3977
On 03/26/2015 07:09 PM, Steve Neuharth wrote:
I'm trying to specify a
I'm trying to specify a subject name in a cert request like this:
ipa-getcert request -K HTTP/web.test.org -N *cn=www.test.org
http://www.test.org,o=TEST.ORG http://TEST.ORG* -f /tmp/webserver.crt
-k /tmp/webprivate.key -r
or like this
ipa-getcert request -K HTTP/web.test.org -D www.test.org -f