On 10/18/2013 02:37 PM, Christian Kratzer wrote:
Hi,
On Fri, 18 Oct 2013, lejeczek wrote:
<snipp/> >> use following to dump the certificate: >> >> openssl s_client -text -in CERT.pem > and no such things for s_clients in the toolkit version > as above, > I normally view a certificate with: > > openssl x509 -issuer -subject -enddate -noout -text -in > CERT.pem -- and I cannot see subjectAltNames > > how could it be, given above is the right way to get all > relevant info of a certificate that request has > subjectAltNames but actual certificate misses it?
I totally goofed up the openssl command line. It is of course:
openssl x509 -text -in CERT.pemIf you do not see the subjectAltNames there then they are not in the certificate.
How did you get those requests signed ?
ok, above doesn't get me much more than what was in my command line but still no! subjectAltNames, I had a similar thought to what Quanah suggested but first, before I try different ssl toolchain I shall assume it is me messing thing up. I definitively have subjectAltNames in my request, the I sign:
openssl x509 -req -extensions v3_req -days 365 -in .... -signkey ... -out ...
where is the problem?
regards
Greetings Christian