hey,
There is no need to add the SAN to the CSR, some CA's accept to add additional SANs at the time of generation.
See if your Certificate provider can support that.
If you still want to add SANs to your CSR, you need to add smth like below to your openssl.cnf file you address .
MAKE SURE YOU HAVE the req_extensions to get the SAN's in the CSR!!!!!! # # req_extensions = v3_req # The extensions to add to a certificate request req_extensions = req_ext # The extensions to add to a certificate request [ req_ext ] subjectAltName = @ckp_names [ CKP_names ] DNS.1 = u-fw01.a#$#$%#$%lv.int DNS.2 = u-fw02.a#$#$%#$%lv.int DNS.3 = u-fw4.a#$#$%#$%lv.int |
Thank you and have a nice week,