1

I am trying to create an ssl certificate from a CSR file containing a SAN using openssl, using the command line:

openssl x509 -req -in keyshare.acceptance.privacybydesign.foundation.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out keyshare.acceptance.privacybydesign.foundation.crt -days 500 -sha256

However, when doing this, it ignores the SAN information in the certificate sign request. How can I get openSSL to use this information?

I strongly prefer a solution that does not require me to re-enter that information during the signing process.

davidv1992
  • 11
  • 3
  • 2
    Possible duplicate of [Subject Alternative Name in Certificate Signing Request apparently does not survive signing](https://security.stackexchange.com/questions/190905/subject-alternative-name-in-certificate-signing-request-apparently-does-not-surv), [How to add AltName from csr file to crt file using “openssl x509 -req”?](https://security.stackexchange.com/questions/158166/how-to-add-altname-from-csr-file-to-crt-file-using-openssl-x509-req). – Steffen Ullrich May 17 '19 at 15:08
  • Edited to state that I really am looking towards a solution that doesn't require re-entering the SAN information, which does not (seem) to be in the answers to the cited questions. – davidv1992 May 18 '19 at 16:13

0 Answers0