https://quicktasks.ismael.casimpan.com/tags/san/Recent content in san on IT QuicktasksHugo -- gohugo.ioCopyright © 2018–2022, Ismael Casimpan Jr.; All Rights ReservedMon, 27 Jul 2020 00:20:25 +0800https://quicktasks.ismael.casimpan.com/post/regenerate-multidomain-sslcert-and-update-extension-dns/Mon, 27 Jul 2020 00:20:25 +0800https://quicktasks.ismael.casimpan.com/post/regenerate-multidomain-sslcert-and-update-extension-dns/ Scenario: Cert was purchased originally for 5 years. Cert with that validity need to revalidate every 2 years as per https://www.digicert.com/shortening-validity-periods-for-ov-dv-certificates However, the cert has been configured with the following SAN: www.example1.com www.example2.com Problem: www.example2.com is no longer part of the same hosting and doesn't need the cert. However, 'example1.com' should replace it. Solution: Regenerate the cert and add the domains "www.example1.com" and "example1.com". NOTE: Not sure yet, but I think this is valid only when the main domain for the cert is "www.https://quicktasks.ismael.casimpan.com/post/create-san-sslcert/Sun, 07 Jun 2020 00:20:25 +0800https://quicktasks.ismael.casimpan.com/post/create-san-sslcert/ Create san.conf 1[ req ] 2default_bits = 4096 3prompt = no 4encrypt_key = no 5default_md = sha256 6distinguished_name = dn 7req_extensions = req_ext 89[ dn ] 10CN = example.org 11emailAddress = webmaster@example.org 12O = Example Memorial Hospital 13OU = Example Memorial Hospital 14L = Chicago 15ST = Illinois 16C = US 1718[ req_ext ] 19subjectAltName = DNS: example.org, DNS: www.example.org NOTE: Do not leave out OU. Otherwise, you will see the error below.