Hi Everyone,
I am sorry for asking this question again, but the last time I asked it, I was confused with the answer. I am trying to create a "certificate profile" that will support 3 to 4 SAN (Subject Alternative Names), since the current profiles do not have support for this by default. I was trying to duplicate the "Manual Server Certificate Enrollment" profile, and adding SAN support. I tried using this as a guild:
and
This is how the profile looks like:
policyset.serverCertSet.9.constraint.class_id=noConstraintImplpolicyset.serverCertSet.9.constraint.name=No Constraintpolicyset.serverCertSet.9.default.class_id=subjectAltNameExtDefaultImplpolicyset.serverCertSet.9.default.name=Subject Alternative Name ExtensionDefaultpolicyset.serverCertSet.9.default.params.subjAltExtGNEnable_0=truepolicyset.serverCertSet.9.default.params.subjAltExtPattern_0=policyset.serverCertSet.9.default.params.subjAltExtType_0=DNSNamepolicyset.serverCertSet.9.default.params.subjAltNameExtCritical=falsepolicyset.serverCertSet.9.default.params.subjAltNameNumGNs=1
The CSR looks like this:
I am doing to do this instead of using wildcard certs.
Thanks,
Rafael