Hi, I'm using Leap 42.1 and I'm trying enabling SSL on my Apache server. Based on this documentation: https://doc.opensuse.org/documentation/leap/reference/html/book.opensuse.ref... I'm trying to generate a self-signed certificate for my own server. So, I make a backup of this file: # cp /etc/ssl/openssl.cnf /etc/ssl/openssl.bak and on the [ req ] section I uncomment the line req_extensions = [ v3_req ] Next, on section [ v3_req ] I add the following line: subjectAltName = @alt_names Besides, at the end of this file I add the [ alt_names ] section: # Alternatives DNS names for my webserver [ alt_names ] DNS.1 = server.local DNS.1 = *.server.local DNS.1 = server DNS.1 = *.server IP.1 = 192.168.0.110 Next, I execute this command (read on documentation above) as root: # openssl req -new > new.cert.csr At this point, if I check the csr file I can see the Subject Alternative Name (SAN) field loaded: # openssl req -text -noout -in new.cert.csr Next step, I execute this command for generating the private key: # openssl rsa -in privkey.pem -out new.cert.key and this one for generating the public cert file: # openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365 Now, if I check this one: # openssl x509 -in new.cert.cert -text -noout I CAN'T SEE the SAN field. Because of this I cannot use a single cert file for enabling SSL on my server for each DNS name. This is anomalous according the documentation available on internet. SAN field must be integrated into the cert file. Is this a bug or am I wrong? Thanks in advance! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org