|
|
|
|
|
|
by NotANaN
2793 days ago
|
|
|
"Generating the certs is a complicated hassle." Not really... I will grant that the openssl commands are a bit non-obvious. Step 1: Generate private key openssl ecparam -genkey -name secp384r1 -out key.pem Step 2: Create and sign cert openssl req -x509 -sha512 -nodes -days 365 -key key.pem -subj "/CN=example.com" -reqexts SAN -extensions SAN -config <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:example.com,DNS:*.example.com')) -out cert.pem |
|
|