If you want your certificates to support Subject Alternative Names (SANs), you must define the alternative names in a configuration file.
About this task
OpenSSL does not allow you to pass Subject Alternative Names (SANs) through the command line, so you must add them to a configuration file first. To do this, you must locate your default OpenSSL configuration file. On Ubuntu, it is located at
/usr/lib/ssl/openssl.cnf.
Steps
Create the configuration file.
cp /usr/lib/ssl/openssl.cnf request.conf
Edit the configuration file with a text editor and make the following changes.
The following line is likely to already exist in this [ v3_ca ] section. If you create a certificate signing request, you must comment it out as shown: