Generating SMIME certificate with several identities
I created for Company I am working for, own CA for several purposes. One of them is generating SMIME certificates for email signing/encryption. I use such certificates on different platforms like Linux (most common), Apple Mail, WIN, Android etc.
Practically all people in Company, have several email accounts. Most of people use Thunderbird as email client. Because of TB bug it is not possible to import more than one individual certificate. So it is possible to install individual certificate for only one identity that is one email address. Googled workarounds, including TB Add-On`s - does not work. Using OpenPGP it is possible to assign one certificate to several identities/email address. As far as I know, some payed SMIME certificate providers offers SMIME certs with several identities. So, how can I generate one SMIME certificate with several identities/email address ? Below script I use to generate individual SMIME certs, signed by our own CA. I know from Mageia forum, that is something like "SubjectAltName" in cert. How should I modify script below to generate one cert with several "Alt" identities? Code:
#!/bin/bash |
Make use of subject alternative names. You'll likely want to make use of a more advanced script for generating certificates which uses the -subj argument.
e.g. if I have three emails: user1@example.com, user2@example.com, and user3@example.com then... Code:
my_email="user1@example.com" One could have fancier logic but I'm lazy at the moment to create something more advanced. I haven't tested this myself because I don't normally generate client certificates. The documentation points to being able to do what I describe. You might have to use email.1=user2@example.com,email.2=user3@example.com instead. Sources: |
Thanks!
So I created script named gen (below) with necessary changes. Code:
[maciek@piotr SMIME]$ cat gen Code:
[maciek@piotr SMIME]$ openssl genrsa -des3 -out humble_coder.key 4096 Any idea what I am doing wrong? |
All times are GMT -5. The time now is 04:03 PM. |