NetScaler creating a multi-domain certificate (SAN)

Source: Internet
Author: User
Tags openssl rsa netscaler

1. Create a OpenSSL profile on the local computer by modifying the fields below for your own needs.
Note 1: In the example used in this article, the configuration file is named "Req.conf".
Note 2: "Req_extensions" will place the subject alternative name in the CSR, and "X509_extensions" will be used when creating the actual certificate file.

[Req]
Distinguished_name = Req_distinguished_name
Req_extensions = V3_req
prompt = No
[Req_distinguished_name]
C = CN
ST = Province
L = City
O = Company
OU = organizational unit
CN = www.company.com
[V3_req]
Keyusage = KeyEncipherment, dataencipherment
Extendedkeyusage = Serverauth
SubjectAltName = @alt_names
[Alt_names]
Dns.1 = www.company.com
Dns.2 = company.com
Dns.3 = Www.company.net
Dns.4 = Company.net

2. Upload the file to the/Nsconfig/ssl directory on the NetScaler device.

3. Log on to the NetScaler command line interface as Nsroot and switch to the shell prompt.

Run the following command to create a certificate signing request and a new key file (note that, due to the CA version, you may need to change sha256 to SHA1):

Shell
Cd/nsconfig/ssl
OpenSSL req-new-out company.com.csr-newkey rsa:2048-nodes-sha256-keyout company.com.key.temp-config req.conf

Run the following command to verify the certificate signing request:

OpenSSL req-text-noout-verify-in COMPANY.COM.CSR

Run the following command to move the key file to the correct format used on NetScaler:

OpenSSL rsa-in company.com.key.temp-out Company.com.key
RM company.com.key.temp

4. Download the certificate signing request File "COMPANY.COM.CSR" and provide it to your certification authority for signature.

5. Upload the certificate provided by the certification authority to the/NSCONFIG/SSL directory on the NetScaler device and install the certificate using the "Company.com.key" file that you created earlier.

NetScaler creating a multi-domain certificate (SAN)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.