Account Services on the Web
Page Help
What is an OpenSSL Configuration File?
An OpenSSL configuration file specifies the values for your certificate (instead of having the openssl command prompt you to enter them). This helps to insure they are always correct and consistent.
How do I use an OpenSSL Configuration File?
Simply specify the name of the configuration file on the command line. For example, if your file was named openssl-request.cf you could do:
openssl req -new -config openssl-request.cf -keyout myserver.key -out myserver.csr
What does an OpenSSL Configuration File Look Like?
Here is a sample configuration file you can copy and adapt for your use:
#edit next line with YOUR fqdn FQDN = whatever.dept.iastate.edu #edit next line to choose among depts DEPT = SE # Do you want a SAN Cert (YES/NO) SAN = NO [ alt_names ] # For a SAN Cert, put altername names here DNS.1 = $FQDN DNS.2 = altnameone.dept.iastate.edu DNS.3 = altnametwo.dept.iastate.edu # # Once your departments are setup, no need to touch anything below here # [ req ] req_extensions = san_$SAN distinguished_name = dept_$DEPT default_bits = 2048 encrypt_key = no prompt = no [ san_NO ] [ san_YES ] subjectAltName = @alt_names # setup: define one or more departments below # use your official full department name (https://www.ir.iastate.edu/deptcodes) [ dept_CPRE ] C = US ST = Iowa L = Ames O = Iowa State University of Science and Technology OU = COMPUTER ENGINEERING CN = $FQDN [ dept_SE ] C = US ST = Iowa L = Ames O = Iowa State University of Science and Technology OU = SOFTWARE ENGINEERING CN = $FQDN
