Generate CSR with 2 OU Names
Solution 1
If you want to do it via CLI you can use either a conf file or pass the -subj argument. Here's an example with -subj
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=somedomain.com/O=My Corporation/OU=Org Unit 1/OU=Org Unit 2"
You can add in ST, L, C, and any other shortName OpenSSL recognizes (along with raw OIDs).
Solution 2
hope this helps I banged my head for several hours till i found it, You can also try this command
openssl req -new -key username.key -out username.csr -config client/client.csr.cnf
here's the client.csr.cnf
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
prompt = no
[req_distinguished_name]
DC= com
0.DC= company
OU= organizations
0.OU= telos
1.OU= telosapac
CN= USERNAMEPATTERN
notice the number before the subject attribute 0.DC, 0.OU, 1.OU there should be a number prefix representing the index of the subject entries
DanMatlin
Updated on June 04, 2022Comments
-
DanMatlin almost 2 years
I have to create an application which generates a CSR. While generating a CSR we are required to fill in several details like CN, OU, etc. The problem is that the Certifying Authority to which I have to send my CSR wants 2 OU(Organizational Unit) Names. I googled a lot but couldn't find anything using either openssl or java keytool by which I can specify 2 OU Names.
Can someone please tell me how I can specify 2 OU Names while generating the CSR?