vi /etc/nsssl.conf
# add lines
[ req ]
x509_extensions = v3_ca
[ v3_ca ]
#to resolve Google Chrome issue
#The certificate for this site does not contain a Subject Alternative Name
#extension containing a domain name or IP address.
subjectAltName = DNS:nsx.domain.com
cd /nsconfig/ssl
#Generate key+csr
openssl req -config /etc/nsssl.conf -newkey rsa:2048 -sha256 -nodes -out test-sha256.csr -outform PEM -keyout test-sha256_.key
#remove hidden space control characters
openssl rsa -in test-sha256_.key -out test-sha256.key
rm test-sha256_.key
Generete certificate from GUI
Remove from nsssl.conf subjectAltName line.
Install new Self signed cert on WebInterface server to computer - trusted root store.
# add lines
[ req ]
x509_extensions = v3_ca
[ v3_ca ]
#to resolve Google Chrome issue
#The certificate for this site does not contain a Subject Alternative Name
#extension containing a domain name or IP address.
subjectAltName = DNS:nsx.domain.com
cd /nsconfig/ssl
#Generate key+csr
openssl req -config /etc/nsssl.conf -newkey rsa:2048 -sha256 -nodes -out test-sha256.csr -outform PEM -keyout test-sha256_.key
#remove hidden space control characters
openssl rsa -in test-sha256_.key -out test-sha256.key
rm test-sha256_.key
Generete certificate from GUI
Remove from nsssl.conf subjectAltName line.
Install new Self signed cert on WebInterface server to computer - trusted root store.
