29 lines
529 B
Plaintext
29 lines
529 B
Plaintext
[ req ]
|
|
default_bits = 2048
|
|
prompt = no
|
|
default_md = sha256
|
|
req_extensions = req_ext
|
|
distinguished_name = dn
|
|
|
|
[ dn ]
|
|
C = GB
|
|
ST = Canonical
|
|
L = Canonical
|
|
O = Canonical
|
|
OU = Canonical
|
|
CN = k8s
|
|
|
|
[ req_ext ]
|
|
subjectAltName = @alt_names
|
|
|
|
[ alt_names ]
|
|
DNS = {{ ansible_facts.fqdn }}
|
|
IP = {{ ansible_facts.default_ipv6.address }}
|
|
|
|
[ v3_ext ]
|
|
authorityKeyIdentifier=keyid,issuer:always
|
|
basicConstraints=CA:FALSE
|
|
keyUsage=keyEncipherment,dataEncipherment,digitalSignature
|
|
extendedKeyUsage=serverAuth,clientAuth
|
|
subjectAltName=@alt_names
|