root@jb-ubuntu-01:/etc/keycloakcerts# vim ext.conf
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = BE
ST = xxx
L =
O = My Company
OU = My Department
CN = keycloak
[v3_req]
subjectAltName = @alt_names
keyUsage = keyUsage = digitalSignature, keyCertSign, cRLSign
[alt_names]
DNS.1 = localhost
DNS.2 = keycloak.mydomain.com
IP.1 = 10.1.10.41
root@jb-ubuntu-01:/etc/keycloakcerts# openssl req -x509 -nodes -days 360 -newkey rsa:4096 -keyout mycert.key -out mycert.pem -config ext.conf
