Fernando Diaz
162 Followers
About
Fernando Diaz

Dec 18, 2018·1 min read

Also remember to use a digest better than md5(default), when generating the certificates. If not you will obtain an ssl error when using the secret.

Here’s and example:

$ openssl req -new -newkey rsa:4096 -keyout server.key -out server.csr -nodes -subj '/CN=*.xyz.com'$ openssl x509 -req -sha256 -extfile <(printf "subjectAltName=DNS:xyz.com,DNS:www.xyz.com") -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

Also note that I updated the blog certificate generation section to include these changes.

Fernando Diaz

Technical Marketing @ GitLab 🦊, Developer at home, Keeping ATX Weird 😜

what if the certificate needed is wildcard for domain say: *.xyz.com
2

Dipesh Majumdar

More from Fernando Diaz

Technical Marketing @ GitLab 🦊, Developer at home, Keeping ATX Weird 😜

More From Medium

Configuring Certificate-Based Mutual Authentication with Kubernetes Ingress-Nginx

NYTimes Peru N-Word, Part Three: What Happened in the 2019 Investigation?

NYTimes Peru N-Word, Part Two: What Happened January 28?

NYTimes Peru N-Word, Part One: Introduction

NYTimes Peru N-Word, Part Four: What Happened in Peru?

9 Painful Signs That Your Partner Is No Longer In Love With You

My Boyfriend Sleeps in the Same Bed as Another Woman Every Night

Bitcoin Hitting $100,000 Doesn’t Matter. Many People Have Missed the Point.

About

Help

Legal

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store