Another quick note today: how to generate a CSR for a basic certificate supported by modern browsers (includes
Subject Alternative Name).
# example.conf [req] prompt = no distinguished_name = dn req_extensions = req_ext [dn] CN = example.com O = Company Name L = Lyon C = FR [req_ext] subjectAltName = DNS: example.com, IP: 192.168.1.1
Of course, remember to adjust the settings according to the organization you’re creating the CSR for:
[dn](distinguished name) section
subjectAltNameline (DNS and IP)
openssl genrsa -out example.key 4096
openssl req -new -config example.conf -key example.key -out example.csr