Révision 3cb773da
Ajouté par yarick123 il y a plus de 9 ans
| etc/inc/certs.inc | ||
|---|---|---|
| 293 | 293 |
break; |
| 294 | 294 |
} |
| 295 | 295 |
|
| 296 |
// in case of using Subject Alternative Names use other sections (with postfix '_san') |
|
| 297 |
// pass subjectAltName over environment variable 'SAN' |
|
| 298 |
if ($dn['subjectAltName']) {
|
|
| 299 |
putenv("SAN={$dn['subjectAltName']}"); // subjectAltName can be set _only_ via configuration file
|
|
| 300 |
$cert_type .= '_san'; |
|
| 301 |
unset($dn['subjectAltName']); |
|
| 302 |
} |
|
| 303 |
|
|
| 296 | 304 |
$args = array( |
| 297 | 305 |
"x509_extensions" => $cert_type, |
| 298 | 306 |
"digest_alg" => $digest_alg, |
Formats disponibles : Unified diff
cherry pic from 'hotfix/3347-Certificate_Authority_SAN_names_not_working':
bugfix #3347: Certificate Authority SAN names not working in 2.1
subjectAltName can be set only via configuration file - created three extra sections in openssl.cnf to use in case of existing subjectAltName.
Unfortunately it is not possible to assign empty value to subjectAltName in openssl.cnf