Red Hat Bugzilla – Bug 151929
RFE: rhn-ssl-tool does not allow hook for X.509SubjectAltName
Last modified: 2012-03-15 12:10:10 EDT
Description of problem:
Feature request. Please provide command line option for including
X.509SubjectAltName's in SSL Server certificate. This would be usefull if
the RHN server was known by several DNS names.
When rhn-ssl-tool generates a new web cert, it would just have to add the
optional line 'subjectAltName = alias.example.com' to the bottom of the
/root/ssl-build/<hostname>/rhn-server-openssl.cnf file when signing the
It would be even nicer if the Web GUI for the rhn-installer would then
prompt the user for any alternate names (aliases).
Todo: I have not checked if the rhn-client properly accepts the alt names yet.
This may not even work. I'll have to gen a cert by hand and see if one of my
rhn clients likes it.
mass reassign to mmccune
spacewalk-certs-tools-1.1.1-2 added --set-cname option to add subjectAltName.