Configure Subject Alternative Names

About this task

Use this procedure to protect additional host names with a single certificate.

Note

Note

The switch supports 100 subject alternative names.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Configure a subject alternative name for the entity:

    certificate subject-alternative-name {[dns WORD<1-255>] [e-mail WORD<1-255>] [ip> WORD<1-255>] [subject-name WORD<1-45>]}

    Note

    Note

    Note

    Note

    You can configure up to 10 distinct subject names. The default subject name is Global.

  3. View the subject alternative names configured on the switch:

    show certificate subject-alternative-name

Examples

Configure a subject alternative name subject name 822:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#certificate subject-alternative-name subject-name 822 dns 822.extremenetworks.com
Switch:1(config)#certificate subject-alternative-name subject-name 822 e-mail name@company.com
Switch:1(config)#certificate subject-alternative-name subject-name 822 ip 192.0.2.22

View the configuration:

Switch:1>show certificate subject-alternative-name
==========================================================================================
                                   SAN Table
==========================================================================================
TYPE     NAME                       SUBJECT                       
------------------------------------------------------------------------------------------
E-MAIL   name@company.com           822                        
DNS      822.extremenetworks.com    822                           
IP       192.0.2.22                 822

Configure a subject alternative name with the default subject name:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#certificate subject-alternative-name dns name@extrnetwk.com
Switch:1(config)#certificate subject-alternative-name e-mail j.smith@extremenetworks.com
Switch:1(config)#certificate subject-alternative-name ip 192.0.2.23

View the configuration:

Switch:1>show certificate subject-alternative-name
======================================================================================                                   
                                        SAN Table
======================================================================================
TYPE     NAME                                  SUBJECT                       
--------------------------------------------------------------------------------------
E-MAIL   j.smith@extremenetworks.com           Global                        
DNS      name@extrnetwk.com                    Global                           
IP       192.0.2.23                            Global

Variable Definitions

The following table defines parameters for the certificate subject-alternative-name command.

Variable Value
dns WORD<1-255> Specifies the DNS subject alternative name.
e-mail WORD<1-255> Specifies the e-mail subject alternative name.
ip WORD<1-255> Specifies the IP subject alternative name.
subject-name WORD<1-45> Specifies the Subject Identity Label to be used in local digital certificate request. You can configure up to 10 subject DN identities. If the subject-name is not specified, the default subject name is Global.
9039040-00 Rev AB