I’ve generated a CSR on a IBM HMC that runs Apache. It contains the domain name in the CN but also includes the hostname (without the FQDN) in the subject alternative name section.
Subject: C=FR, L=[…], CN=hmc.domain.com
X509v3 Subject Alternative Name:
I get an error when I try to generate the signed certificate on a Redhat server:
letsencrypt --manual --csr csr.file -d hmc.domain.com certonly
No handlers could be found for logger "certbot.crypto_util"
Requested domain hmc is not a FQDN
I guess this comes from the alias name but I have no way to change it since it’s created on a very restrictive web interface with no access to the filesystem.
Is there a way to ignore aliases in the CSR? Or did I miss something obvious?