[2] Add under [ v3_ca ] the line:
subjectAltName=URI:'http://bshambaugh.org/profile#me'
basicConstraints = CA:false
[3] openssl 2048 > localhost.key [4] openssl req -new -x509 -nodes -sha256 \-days 3650 -key localhost.key -subj '/O=WebID/CN=Brent Shambaugh/' > localhost.crt
[5] openssl x509 -noout -text -in localhost.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12316411301973396186 (0xaaecaed2f1bb0ada)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=WebID, CN=Brent Shambaugh
Validity
Not Before: Aug 25 15:07:43 2016 GMT
Not After : Aug 23 15:07:43 2026 GMT
Subject: O=WebID, CN=Brent Shambaugh
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:1f:69:30:21:88:e6:13:f3:df:09:e5:cd:50:
68:59:9e:5c:c6:f8:90:45:b5:1a:b6:c1:cf:d6:86:
25:b6:52:bc:58:59:36:1d:1e:ca:34:5c:47:37:a3:
23:e9:f9:de:bd:53:44:2f:dd:18:38:b0:de:19:10:
73:79:5c:70:8c:3c:44:22:e7:64:06:ff:83:c8:2f:
ca:ab:7a:13:e9:13:55:c7:ed:b2:75:cb:d4:93:d6:
ef:1a:25:c3:ed:74:cb:3a:9f:2d:a6:c8:61:83:f7:
04:e1:af:4c:d9:a5:93:fa:0c:21:cd:5f:cc:86:21:
8f:8f:63:bc:ba:0c:c0:b8:41:d4:5e:2a:16:b5:cb:
48:d1:29:be:e3:ff:36:3f:22:a3:34:d8:4c:06:0e:
96:58:38:75:da:40:83:cb:1f:e0:7b:6f:b1:00:dc:
63:21:22:a4:6d:39:89:e6:3d:79:ca:ff:7f:10:4f:
16:b0:43:6f:26:f6:04:bb:69:49:87:ac:15:cc:8a:
24:40:df:74:92:28:d5:83:5d:77:43:3c:7a:31:2f:
32:8a:51:e2:dd:c0:d3:8b:a5:95:45:50:4f:2f:6d:
fa:d1:6d:e6:02:db:19:3a:2d:ca:60:11:bd:53:14:
98:74:4a:90:52:16:c2:87:d8:c2:f9:cb:fe:63:fe:
e3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BB:34:0C:42:38:F8:8E:A1:E7:D7:B9:05:30:2B:BF:49:AD:74:4C
X509v3 Authority Key Identifier:
keyid:35:BB:34:0C:42:38:F8:8E:A1:E7:D7:B9:05:30:2B:BF:49:AD:74:4C
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:http://bshambaugh.org/profile#me
Signature Algorithm: sha256WithRSAEncryption
0f:b3:65:41:cc:d1:9f:81:a4:62:be:80:7f:f1:0a:ee:b2:24:
85:d3:b2:41:e6:f6:e3:10:e4:72:61:d0:d5:5e:07:71:ef:63:
6d:43:5b:ea:e1:77:9e:66:05:f2:de:17:c1:b7:9c:7b:91:d8:
41:45:a2:b3:1e:f8:c1:41:c0:58:6f:f3:43:22:7c:a8:17:8d:
b7:51:ae:b8:fc:5d:2f:bb:88:ae:b4:8e:d4:65:fe:8d:05:95:
09:ec:c5:42:04:9d:ce:f7:25:f7:02:b5:87:54:46:d7:9f:90:
ad:e3:6a:8e:bc:17:a1:33:b1:47:bd:a2:99:69:ef:b3:47:72:
63:07:be:4a:fe:6e:c4:0e:59:f9:14:c7:49:0b:97:d6:13:97:
0f:d7:52:e2:c8:19:54:24:a0:fb:54:2e:a7:12:d7:f2:e8:e7:
1e:26:62:7f:0f:2f:58:ed:f4:fb:7a:e1:21:4b:e1:e0:0c:f2:
36:ab:cd:a2:ab:f5:25:14:55:b1:78:95:b4:23:af:e2:ce:95:
28:07:21:5e:74:2e:7d:1b:67:b1:67:66:9e:49:22:9e:82:2f:
9a:64:eb:53:41:ee:0f:ce:18:0e:80:94:f0:4a:5d:ab:50:fc:
f3:4d:5c:94:e4:7f:82:c0:65:8d:1e:1f:0e:21:ca:c5:a4:77:
29:f7:c3:ee
------------
Inspiration: http://stackoverflow.com/questions/21488845/how-can-i-generate-a-self-signed-certificate-with-subjectaltname-using-openssl
Reference: https://tools.ietf.org/html/rfc5280
-------------------
The idea is to embed this in the php exec() or shell_exec() function. If this does not work satisfactorily of if Node.js is desired instead try https://www.npmjs.com/package/webid