Menu
I want to create a self-signed cert with the SAN field (subject alternative name) set but the Java keytool tool does not seem to support that. What is my best option? This is for Java use, so the keystore must still match the JKS format even if a non-Java tool is used to create the cert.
450
You can do this by adding the SAN function to the command when creating the CSR:
Create the Keystore:
keytool -genkey -alias SANTEST -keyalg RSA -keystore SANTEST.jks -keysize 2048
Issue the CSR:
keytool -certreq -alias SANtest01 -keystore SANTEST.jks -ext san=dns:san.yourdomain.com -keysize 204
http://download.java.net/jdk8/docs/technotes/tools/solaris/keytool.html
137
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
