[ https://jira.fiware.org/browse/HELP-15775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Fernando Lopez reassigned HELP-15775:
-------------------------------------
Assignee: Fermín Galán
Description:
Created question in FIWARE Q/A platform on 03-05-2019 at 11:05
{color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/55966718/add-subjectaltnames-to-openssl-script
+Question:+
Add SubjectAltNAmes to openssl script
+Description:+
here is a bash script that I found on that GitHub Repo.
The script is usefull for the kind of certificate I need to create for my project and it works with my HAProxy for 443 requests.
My question is how can I add a SAN (SubjectAltNAme) to that script, for example adding below the field email something like this that will be recognize and works.
subjectAltName="DNS:domain1.com,DNS:domain2.com"
Here is the originl one:
# Copyright 2014 Telefonica Investigacion y Desarrollo, S.A.U
#
# This file is part of Orion Context Broker.
#
# Orion Context Broker is free software: you can redistribute it and/or
# modify it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# Orion Context Broker is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero
# General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with Orion Context Broker. If not, see http://www.gnu.org/licenses/.
#
# For those usages not covered by this license please contact with
# iot_support at tid dot es
# -----------------------------------------------------------------------------
#
# usage
#
function usage()
{
fileName=$(basename $0)
echo $fileName "[--keyFileName (name of key file)] [--certFileName (name of certificate file)]"
echo " [--country (country)] [--state (state)] [--city (city)] [--company (company)] [--unit (unit)] [--name (name)] [--email (email)]"
echo
echo " The last seven options are input for the creation of the certificate and they all have 'decent' default values."
exit $1
}
keyFileName="localhost.key"
certFileName="localhost.pem"
country="ES"
state="Madrid"
city="Madrid"
company="Telefonica"
unit="I+D"
name="localhost"
email="noone at nowhere.com"
while [ "$#" != 0 ]
do
if [ "$1" == "-u" ]; then usage;
elif [ "$1" == "--keyFileName" ]; then keyFileName=$2; shift;
elif [ "$1" == "--certFileName" ]; then certFileName=$2; shift;
elif [ "$1" == "--state" ]; then state=$2; shift;
elif [ "$1" == "--city" ]; then city=$2; shift;
elif [ "$1" == "--company" ]; then company=$2; shift;
elif [ "$1" == "--unit" ]; then unit=$2; shift;
elif [ "$1" == "--name" ]; then name=$2; shift;
elif [ "$1" == "--email" ]; then email=$2; shift;
else
echo $0: bad parameter/option: "'"${1}"'";
usage 1
fi
shift
done
OPTIONS="/C="$country"/ST="$state"/L="$city"/O="$company"/OU="$unit"/CN="$name"/"
openssl genrsa -out "$keyFileName" 1024 > /dev/null 2>&1
openssl req -days 365 -out "$certFileName" -new -x509 -key "$keyFileName" -subj "$OPTIONS" > /dev/null 2>&1
Thanks for your help
was:
Created question in FIWARE Q/A platform on 03-05-2019 at 11:05
{color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/55966718/add-subjectaltnames-to-openssl-script
+Question:+
Add SubjectAltNAmes to openssl script
+Description:+
here is a bash script that I found on that GitHub Repo.
The script is usefull for the kind of certificate I need to create for my project and it works with my HAProxy for 443 requests.
My question is how can I add a SAN (SubjectAltNAme) to that script, for example adding below the field email something like this that will be recognize and works.
subjectAltName="DNS:domain1.com,DNS:domain2.com"
Here is the originl one:
# Copyright 2014 Telefonica Investigacion y Desarrollo, S.A.U
#
# This file is part of Orion Context Broker.
#
# Orion Context Broker is free software: you can redistribute it and/or
# modify it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# Orion Context Broker is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero
# General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with Orion Context Broker. If not, see http://www.gnu.org/licenses/.
#
# For those usages not covered by this license please contact with
# iot_support at tid dot es
# -----------------------------------------------------------------------------
#
# usage
#
function usage()
{
fileName=$(basename $0)
echo $fileName "[--keyFileName (name of key file)] [--certFileName (name of certificate file)]"
echo " [--country (country)] [--state (state)] [--city (city)] [--company (company)] [--unit (unit)] [--name (name)] [--email (email)]"
echo
echo " The last seven options are input for the creation of the certificate and they all have 'decent' default values."
exit $1
}
keyFileName="localhost.key"
certFileName="localhost.pem"
country="ES"
state="Madrid"
city="Madrid"
company="Telefonica"
unit="I+D"
name="localhost"
email="noone at nowhere.com"
while [ "$#" != 0 ]
do
if [ "$1" == "-u" ]; then usage;
elif [ "$1" == "--keyFileName" ]; then keyFileName=$2; shift;
elif [ "$1" == "--certFileName" ]; then certFileName=$2; shift;
elif [ "$1" == "--state" ]; then state=$2; shift;
elif [ "$1" == "--city" ]; then city=$2; shift;
elif [ "$1" == "--company" ]; then company=$2; shift;
elif [ "$1" == "--unit" ]; then unit=$2; shift;
elif [ "$1" == "--name" ]; then name=$2; shift;
elif [ "$1" == "--email" ]; then email=$2; shift;
else
echo $0: bad parameter/option: "'"${1}"'";
usage 1
fi
shift
done
OPTIONS="/C="$country"/ST="$state"/L="$city"/O="$company"/OU="$unit"/CN="$name"/"
openssl genrsa -out "$keyFileName" 1024 > /dev/null 2>&1
openssl req -days 365 -out "$certFileName" -new -x509 -key "$keyFileName" -subj "$OPTIONS" > /dev/null 2>&1
Thanks for your help
HD-Enabler: Orion
> [fiware-stackoverflow] Add SubjectAltNAmes to openssl script
> ------------------------------------------------------------
>
> Key: HELP-15775
> URL: https://jira.fiware.org/browse/HELP-15775
> Project: Help-Desk
> Issue Type: Monitor
> Components: FIWARE-TECH-HELP
> Reporter: Backlog Manager
> Assignee: Fermín Galán
> Labels: bash, fiware, openssl
>
> Created question in FIWARE Q/A platform on 03-05-2019 at 11:05
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/55966718/add-subjectaltnames-to-openssl-script
> +Question:+
> Add SubjectAltNAmes to openssl script
> +Description:+
> here is a bash script that I found on that GitHub Repo.
> The script is usefull for the kind of certificate I need to create for my project and it works with my HAProxy for 443 requests.
> My question is how can I add a SAN (SubjectAltNAme) to that script, for example adding below the field email something like this that will be recognize and works.
> subjectAltName="DNS:domain1.com,DNS:domain2.com"
> Here is the originl one:
> # Copyright 2014 Telefonica Investigacion y Desarrollo, S.A.U
> #
> # This file is part of Orion Context Broker.
> #
> # Orion Context Broker is free software: you can redistribute it and/or
> # modify it under the terms of the GNU Affero General Public License as
> # published by the Free Software Foundation, either version 3 of the
> # License, or (at your option) any later version.
> #
> # Orion Context Broker is distributed in the hope that it will be useful,
> # but WITHOUT ANY WARRANTY; without even the implied warranty of
> # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero
> # General Public License for more details.
> #
> # You should have received a copy of the GNU Affero General Public License
> # along with Orion Context Broker. If not, see http://www.gnu.org/licenses/.
> #
> # For those usages not covered by this license please contact with
> # iot_support at tid dot es
> # -----------------------------------------------------------------------------
> #
> # usage
> #
> function usage()
> {
> fileName=$(basename $0)
> echo $fileName "[--keyFileName (name of key file)] [--certFileName (name of certificate file)]"
> echo " [--country (country)] [--state (state)] [--city (city)] [--company (company)] [--unit (unit)] [--name (name)] [--email (email)]"
> echo
> echo " The last seven options are input for the creation of the certificate and they all have 'decent' default values."
> exit $1
> }
> keyFileName="localhost.key"
> certFileName="localhost.pem"
> country="ES"
> state="Madrid"
> city="Madrid"
> company="Telefonica"
> unit="I+D"
> name="localhost"
> email="noone at nowhere.com"
> while [ "$#" != 0 ]
> do
> if [ "$1" == "-u" ]; then usage;
> elif [ "$1" == "--keyFileName" ]; then keyFileName=$2; shift;
> elif [ "$1" == "--certFileName" ]; then certFileName=$2; shift;
> elif [ "$1" == "--state" ]; then state=$2; shift;
> elif [ "$1" == "--city" ]; then city=$2; shift;
> elif [ "$1" == "--company" ]; then company=$2; shift;
> elif [ "$1" == "--unit" ]; then unit=$2; shift;
> elif [ "$1" == "--name" ]; then name=$2; shift;
> elif [ "$1" == "--email" ]; then email=$2; shift;
> else
> echo $0: bad parameter/option: "'"${1}"'";
> usage 1
> fi
> shift
> done
> OPTIONS="/C="$country"/ST="$state"/L="$city"/O="$company"/OU="$unit"/CN="$name"/"
> openssl genrsa -out "$keyFileName" 1024 > /dev/null 2>&1
> openssl req -days 365 -out "$certFileName" -new -x509 -key "$keyFileName" -subj "$OPTIONS" > /dev/null 2>&1
> Thanks for your help
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy