Menu
I have to create an application which generates a CSR. While generating a CSR we are required to fill in several details like CN, OU, etc. The problem is that the Certifying Authority to which I have to send my CSR wants 2 OU(Organizational Unit) Names. I googled a lot but couldn't find anything using either openssl or java keytool by which I can specify 2 OU Names.
Can someone please tell me how I can specify 2 OU Names while generating the CSR?
905
By adding DNS. n (where n is a sequential number) entries under the “subjectAltName” field you'll be able to add as many additional “alternate names” as you want, even not related to the main domain.
Create a CSR for a SAN certificateOpen the command prompt as an administrator and change the directory to C:\OpenSSL-WinXX\bin. Generate the CSR and KEY file with this command. Enter the details to complete the CSR. Common Name must be the FQDN of the inSync master server.
You can generate the CSR from any server you like, but the final certificate must then be installed on the same server. (The private key that matches the CSR is on that server.)
If you want to do it via CLI you can use either a conf file or pass the -subj argument. Here's an example with -subj
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=somedomain.com/O=My Corporation/OU=Org Unit 1/OU=Org Unit 2"
You can add in ST, L, C, and any other shortName OpenSSL recognizes (along with raw OIDs).
77
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
