Skip to main content

Subject alternative names extension

Define the subject alternative name (SAN) requirements in the certificate.

Example JSON

"san": {
  "critical": false,
  "dns_name": {
    "include": "yes",
    "auto_include_cn": "top"
  },
  "user_principal_name": {
    "include": "optional"
  },
  "email": {
    "include": "no"
  },
  "ip_address": {
    "include": "yes"
  },
  "other_names": {
    "required": [
      "132.2.3.4.5",
      "guid"
    ],
    "optional": [
      "132.2.3.4.5"
    ]
  }
}

Parameters

Name	Type	Req/Opt	Description
san	object	optional	Subject alternative name extension details.
critical	boolean	optional	Indicates if the extension is marked critical or not. Defaults to false.
dns_name	object	optional	Possible values: `include` `auto_include_cn` `allowed_source`
user_principal_name	object	optional	Possible values: `include` `allowed_source`
email	object	optional	Possible values: `include` `allowed_source`
include	string	optional	Indicates if the name type must be included in the certificate. Possible values: `yes` `no` (default) `optional`
auto_include_cn	string	optional	Indicates if the common name should automatically be included in DNS names. The common name is included only if it is not already in the list of SANs (duplicates not allowed). Possible values: `top` `bottom` `no` (default)
allowed_source	array of strings	optional	Indicates the allowed source types for the values. Allowed sources can be one or more of these inputs: `csr` - The value can come from the CSR. `user_supplied` - The value can be supplied by the end user. `fixed_value` - The value can be set to a fixed value when creating a certificate profile. `custom_value` - The value can be supplied from a custom values field.

Nesta secção:

Was this helpful?