Henning Svane <h...@energy.dk> wrote:
> I am using OpenSSL 1.1.1f Is there a way to make a SAN certificate
> based on the CSR I have created in Exchange. I need a self-signed
> certificate for testing.I'm not exactly sure what you think a SAN certificate is. I guess one with a SubjectAltName extension. Mostly, all certificates have that these days, but whether or not the Subject is entirely filled out is a different question. To form a self-signed certificate from a CSR, use openssl req. You may need a configuration file, serial number, expiry and algorithm. You'll need access to the private key. See: https://datatracker.ietf.org/doc/html/draft-moskowitz-ecdsa-pki#section-4.2 Some of us maintain a document on generated test CAs for ECDSA and EDDSA key types at: https://github.com/henkbirkholz/draft-moskowitz-ecdsa-pki while it is in the form of an IETF ID, it is not intended for publication. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
