-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/19/2015 07:49 AM, Gabor Kiss wrote: >> I am wondering if I can still get a certificate for >> keys.techwolf12.nl, my server has been stable for over 3 months >> now and I would like to add an extra layer of security. > >> Does anyone know how to get an certificate? > > I tell you how did I some two weaks ago. > > I tailored a tipical openssl.cnf file. I added this section: > > [alt_names] DNS.1 = hkps.pool.sks-keyservers.net DNS.2 = > *.pool.sks-keyservers.net DNS.3 = pool.sks-keyservers.net DNS.4 = > keys.niif.hu
This part is unnecessary, the SANs are added by me the input is discarded when generating the certificate. So you can simplify this to simply a CN=keys.niif.hu > Subject: C=HU, O=NIIF Institute, CN=keys.niif.hu as here.. - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- Cogito ergo sum I think, therefore I am -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJVWuV1AAoJEP7VAChXwav62qEIAKdFsJmaRBF4KzV67V/VHB2I 8fqRuQJ/rsvj/U0ypt9B6gn2FGh6CkJ01G8KYNJGsBTa2PGXIBagozxeVP8cSYKO j/ZybLqW5sOOlJ+za44Vg+WViJyOLV1qE4/RySTnK6lrSkNe0dZZgIstOXKP6Nb8 UB7rutlvwygooAGHYrppVn+DsWYz/DSmCeMrsmDeYpext6YkckjZczLzwRI0LZMT z6BNdh2CdHax0RqDxqgGgDV/vsPd2SQ3IVcUchFg3TO0JIS33+PpQsVDE6F06UnG wDp6ZsO7bmFxWthGxGHfZwO1FHhJO2iy1PR6/Amw0Im30Qly4KGYIq8VuUxfsHQ= =XKKe -----END PGP SIGNATURE----- _______________________________________________ Sks-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/sks-devel
