I’ve a problem or don’t understand the setting for the common names while creating certificates.
openssl req -new -key node1-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=node1.dns.a-record" -out node1.csr echo 'subjectAltName=DNS:node1.dns.a-record' > node1.ext
The example is showing CN=node1.dns.a-record Now I’m wondering, what I have to set?
CN=node1.www.my-domain.com
CN=node1.my-domain.com
CN=www.my-domain.com
CN=my-domain.com
same at
openssl req -new -key client-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=client.dns.a-record" -out client.csr echo 'subjectAltName=DNS:client.dns.a-record' > client.ext
CN=client.www.my-domain.com
CN=client.my-domain.com
CN=www.my-domain.com
CN=my-domain.com
Which is the right one?
I read the documentation and looked for tutorials, but found different setting or nothing, they using the sample scripts.
nodesDn: [CN=node.other.com,OU=SSL,O=Test,L=Test,C=DE,OU=TEST,O=TEST,C=US] # List of certificate DNs allowed to connect
openssl req -new -key node2-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=192.168.100" -out node2.csr
Please pay attention to the hostname, which is localhost here,and it should be replaced with your hostname or IP address.
Thanks in advance, for your help.