.\"
.\" makecert manual page.
.\" Copyright 2003 Motus Technologies
-.\" Copyright 2004-2005 Novell
+.\" Copyright 2004-2005, 2011 Novell
.\" Author:
.\" Sebastien Pouliot (sebastien@ximian.com)
.\"
authority). This is used to limit the chain of certificates than can be
issued under this authority.
.TP
+.I "-alt filename"
+Add a subjectAltName extension to the certificate. Each line from 'filename'
+will be added as a DNS entry of the extension. This option is useful if you
+want to create a single SSL certificate to work on several hosts that do not
+share a common domain name (i.e. CN=*.domain.com would not work).
+.TP
.I "-eku oid[,oid]"
Add some extended key usage OID to the certificate.
.TP
CspParameters issuerParams = new CspParameters ();
BasicConstraintsExtension bce = null;
ExtendedKeyUsageExtension eku = null;
+ SubjectAltNameExtension alt = null;
string p12file = null;
string p12pwd = null;
X509Certificate issuerCertificate = null;
}
bce.PathLenConstraint = Convert.ToInt32 (args [i++]);
break;
+ case "-alt":
+ if (alt == null) {
+ string [] dnsNames = File.ReadAllLines (args [i++]);
+ alt = new SubjectAltNameExtension (null, dnsNames, null, null);
+ }
+ break;
case "-ic":
issuerCertificate = LoadCertificate (args [i++]);
issuer = issuerCertificate.SubjectName;
cb.Extensions.Add (bce);
if (eku != null)
cb.Extensions.Add (eku);
+ if (alt != null)
+ cb.Extensions.Add (alt);
// signature
cb.Hash = hashName;
byte[] rawcert = cb.Sign (issuerKey);