The documentation is poor, there are too many ways of doing the same thing, the examples are overly complex for the purpose of simple web servers.
Learning from that we have a simple, commented, template that you can edit.
It is in the directory
Decide on a name for the certificate family, eg
A family is a set of related web sites. In the example below
are all in one family.
The point about a family is that they all share one certificate.
EXAMPLE.cnf to a meaningful name, eg
Modify the 7 lines that start
countryName=. What we put is:
countryName= UK stateOrProvinceName= Hertfordshire localityName= Watford organizationName= Parliament Hill Computers organizationalUnitName= Web Server commonName= www.phcomp.co.uk emailAddress= firstname.lastname@example.org
If you have more than one web site address, then you need to put then in the
alt_names section at the bottom. You can put up to 99 extra names.
What we put included:
DNS.1 = www4.phcomp.co.uk DNS.2 = ipv6.phcomp.co.uk DNS.3 = ipv4.phcomp.co.uk DNS.4 = test.phcomp.co.uk
If you do not have any then comment out the line that references the section:
# subjectAltName = @alt_names
Here is a complete example ssl.cnf file.