Révision 3cb773da
Ajouté par yarick123 il y a plus de 9 ans
etc/inc/certs.inc | ||
---|---|---|
293 | 293 |
break; |
294 | 294 |
} |
295 | 295 |
|
296 |
// in case of using Subject Alternative Names use other sections (with postfix '_san') |
|
297 |
// pass subjectAltName over environment variable 'SAN' |
|
298 |
if ($dn['subjectAltName']) { |
|
299 |
putenv("SAN={$dn['subjectAltName']}"); // subjectAltName can be set _only_ via configuration file |
|
300 |
$cert_type .= '_san'; |
|
301 |
unset($dn['subjectAltName']); |
|
302 |
} |
|
303 |
|
|
296 | 304 |
$args = array( |
297 | 305 |
"x509_extensions" => $cert_type, |
298 | 306 |
"digest_alg" => $digest_alg, |
Formats disponibles : Unified diff
cherry pic from 'hotfix/3347-Certificate_Authority_SAN_names_not_working':
bugfix #3347: Certificate Authority SAN names not working in 2.1
subjectAltName can be set only via configuration file - created three extra sections in openssl.cnf to use in case of existing subjectAltName.
Unfortunately it is not possible to assign empty value to subjectAltName in openssl.cnf