You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have an Active Directory infrastructure with an AD Certificate Services running. Is it possible to make pixelserv-tls issue certificates for the client machines based on my own Root CA, so all generated client certificates would be automatically trusted?
I'm using pixelserv-tls on docker. If i take my root ca and key and use them on pixelserv-tls docker volume, and start the docker container using host network, it "kinda" works. But if i use docker port forwarding it doesn't work because the IP Address on the container is different from my network range.
P.S: I've created my root CA with SAN specifying my private network range and local domain.
So, is it possible to generate client certificates from a root CA while specifying SAN subjects?
For example, my RequestPolicy.inf which i use to generate my Root CA has:
which is the same as using this in an openssl.cnf file:
alt_names]
DNS.1 = *.mydomain.local
URL.1 = https://pihole.mydomain-slz.local
IP.2 = 172.0.0.0/8
The text was updated successfully, but these errors were encountered:
Hi there,
I have an Active Directory infrastructure with an AD Certificate Services running. Is it possible to make pixelserv-tls issue certificates for the client machines based on my own Root CA, so all generated client certificates would be automatically trusted?
I'm using pixelserv-tls on docker. If i take my root ca and key and use them on pixelserv-tls docker volume, and start the docker container using host network, it "kinda" works. But if i use docker port forwarding it doesn't work because the IP Address on the container is different from my network range.
P.S: I've created my root CA with SAN specifying my private network range and local domain.
So, is it possible to generate client certificates from a root CA while specifying SAN subjects?
For example, my RequestPolicy.inf which i use to generate my Root CA has:
2.5.29.17 = "{text}"
continue = "dns=*.mydomain.local&"
continue = "url=https://pihole.mydomain-slz.local&"
continue = "ipaddress=172.0.0.0&"
continue = "guid=f7c3ac41-b8ce-4fb4-aa58-3d1dc0e36b39&"
which is the same as using this in an openssl.cnf file:
alt_names]
DNS.1 = *.mydomain.local
URL.1 = https://pihole.mydomain-slz.local
IP.2 = 172.0.0.0/8
The text was updated successfully, but these errors were encountered: