Using bin/elasticsearch-certutil to create node certificate, with --name, --dns, --ip, then using
openssl pkcs12 -info -in <node-certificate.p12>,
I can only see the CN (common name) of the certificate, but no dns and ip information.
So how can I see these information?
AFAIK one cannot print the SANs of a certificate from a PKCS#12 container using openssl pkcs12 so this is not something related to elasticsearch-certutil.
You can, instead use pkcs12 to get the certificate and then x509 to get the information of the Certificate. This would look something like :
openssl pkcs12 -in node-certificate.p12 -nokeys -clcerts | openssl x509 -text -noout
and look for something similar to
X509v3 Subject Alternative Name:
DNS:name.com, IP Address:1.1.1.1
in the output.
It is done. Thanks!
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.