问题
I am using phpseclib to generate private key, public key and CSR and i just want to be able to include subjectAltName to the Public key and CSR in the process but the documentation is no good. I tried using setDomain but all that does is overides the primary commonName value..
I found this from another post but it doesn't seem to have any effect:
$x509->setExtension('id-ce-subjectAltName', array('san1.domain.com', 'san2.domain.com'));
-- UPDATE --
I am step closer, I see the extension for subjectAltName in my certificate but its blank field
Any help will be appreciated!
thanks
Here is some php code..
$altnames = array (
"san1.domain.com",
"san2.domain.com"
);
$x509 = new File_X509();
$x509->loadX509($x509->saveX509($x509->sign($issuer, $subject)));
$x509->setExtension('id-ce-keyUsage', array('digitalSignature', 'keyEncipherment'));
$x509->setExtension('id-ce-extKeyUsage', array('id-kp-serverAuth', 'id-kp-clientAuth'));
$x509->setExtension("id-ce-subjectAltName", $altnames);回答1:
phpseclib doesn't currently support subjAltDomain's for CSR's very well. More info:
https://stackoverflow.com/a/28610388/569976
来源:https://stackoverflow.com/questions/29650036/adding-subjectaltname-to-csr-using-phpseclib