Skip to content

Instantly share code, notes, and snippets.

@yidas

yidas/csr.conf.md

Last active September 7, 2025 06:15
Show Gist options
  • Save yidas/af42d2952d85c0951c1722fcd68716c6 to your computer and use it in GitHub Desktop.
Save yidas/af42d2952d85c0951c1722fcd68716c6 to your computer and use it in GitHub Desktop.
Download ZIP
Certificate(CSR) configuration file
Raw
csr.conf.md

Openssl commands:

openssl genrsa -out self-ssl.key
openssl req -new -key self-ssl.key -out self-ssl.csr -config csr.conf

Configuration csr.conf:

[req]
default_bits = 2048
req_extensions = req_ext
distinguished_name = dn
prompt             = no

[ dn ]
C="TW"
ST="Taiwan"
L="Taipei"
O="YIDAS"
OU="Service"
CN/emailAddress="[email protected]"
CN=yourdomain.com

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.0 = *.yourdomain.com
DNS.1 = *.dev.yourdomain.com
@doogle-oss
Copy link

Thanks a ton really helpful.

@eddyekofo94
Copy link

Thanks 👍

@ggress
Copy link

ggress commented Jun 11, 2021

Thanks

@aakash-pinc
Copy link

What is csr configuration for these fields -keysize 2048 -keyalg RSA -sigalg SHA256withRSA?

@leandredasilva
Copy link

leandredasilva commented Jul 10, 2022
edited
Loading

Thank you !
Please not that you need to req_extensions = req_ext in [req] for alt_names to work, otherwise they are ignored (tested !) :

[req]
default_bits = 2048
default_md = sha256
encrypt_key = no
distinguished_name = dn
prompt             = no
req_extensions = req_ext

@sramzln
Copy link

sramzln commented Sep 18, 2023

https://github.com/devzed/pki

@jnmontano
Copy link

Thank so much..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment