From 7c6b8336ee97c646dce0446c4b02c16fdc9c0f45 Mon Sep 17 00:00:00 2001
From: Vasco <true.vasco.alves@gmail.com>
Date: Wed, 22 Apr 2026 15:10:25 +0100
Subject: [PATCH] the dying breath of john caveman

---
 ca/cheese.cfg         | 1 +
 ca/create_all_keys.sh | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/ca/cheese.cfg b/ca/cheese.cfg
index 4b3967a..20141d1 100644
--- a/ca/cheese.cfg
+++ b/ca/cheese.cfg
@@ -4,6 +4,7 @@ default_ca = CA_default
 default_days = 365
 database = index.txt
 serial = serial
+copy_extensions = copy
 new_certs_dir = .
 default_md = sha256
 policy = policy_any
diff --git a/ca/create_all_keys.sh b/ca/create_all_keys.sh
index 0ddf3f6..23d0d5f 100755
--- a/ca/create_all_keys.sh
+++ b/ca/create_all_keys.sh
@@ -18,5 +18,5 @@ cert_apache="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=apache"
 [[ -e "user.csr" ]]     || openssl req -new -key user.key -out user.csr -subj "$cert_user"
 [[ -e "user.crt" ]] 	|| openssl ca -batch -in "user.csr" -cert "ca.crt" -keyfile "ca.key" -out "user.crt" -config cheese.cfg
 [[ -e "apache.key" ]]   || openssl genrsa -out apache.key
-[[ -e "apache.csr" ]]   || openssl req -new -key apache.key -out apache.csr -subj "$cert_apache"
+[[ -e "apache.csr" ]]   || openssl req -new -key apache.key -out apache.csr -subj "$cert_apache" -addext "subjectAltName = IP:10.60.0.1,DNS:apache"
 [[ -e "apache.crt" ]] 	|| openssl ca -batch -in "apache.csr" -cert "ca.crt" -keyfile "ca.key" -out "apache.crt" -config cheese.cfg