multidomain/SAN cert csr submitted, but only single-domain cert returned?

I create a csr.der

openssl req -inform der -in -noout -text

    Certificate Request:
            Version: 0 (0x0)
            Subject: C=US, ST=NewYork, L=NewYork,,,,,
            Subject Public Key Info:
                Public Key Algorithm: id-ecPublicKey
                    Public-Key: (384 bit)

Then submit it to LE

certbot-auto certonly \
 --server \
 --email \
 --standalone --standalone-supported-challenges tls-sni-01 \
 --break-my-certs --text --agree-tos --renew-by-default \
 --staple-ocsp --must-staple --redirect --hsts --uir \
 --csr=./ --cert-path ./

Success is reported

 - Congratulations! Your certificate and chain have been saved at

But in browser, and on cmd line, there’s no SAN data – only the primary

cd /etc/letsencrypt/live/
openssl x509 -text -noout -in cert.pem | grep DNS

openssl x509 -text -noout -in cert.pem
        Subject Public Key Info:
            X509v3 Subject Alternative Name:
            X509v3 Certificate Policies:

The single cert passes SSLLABS’ server test with an A+, but only for the main domain.

What config have I missed to get SAN working properly?

Those aren’t SANs you’ve got there in your CSR.

What you’ve got is a Subject, with a bunch of DNSname in it. And Let’s Encrypt has looked at those, and gone “Yeah, no” and thrown them away.

Subject Alternate Names are a wholly separate field that needs to appear in your CSR. Yours didn’t have any, the Baseline Requirements say all certificates for the Web PKI should have at least one, and Let’s Encrypt sets it to the CN of your subject from the CSR.

(edited to add)

Some older tutorials suggest the approach you’ve used because it looks simpler, particularly if you’re doing stuff with OpenSSL commands, as is common. And years ago actual public CAs would sign this kind of thing. However the standards involved on the web say not to use cram DNSnames into the Subject field, and instead use actual SANs, browsers and other software are increasingly fond of actually obeying the standards, and so is Let’s Encrypt.

I haven’t tried following the below tutorial, but at a glance it looks better and is generating actual SANs in the CSR.

Yep, that’s what I just started using. Works a charm. Thanks.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.