Configure Subject Alternative Names

About this task

Use this procedure to protect additional host names with a single certificate.

Note

Note

The switch supports 100 subject alternative names.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Configure a subject alternative name for the entity:

    certificate subject-alternative-name {[dns WORD<1-255>] [e-mail WORD<1-255>] [ip> WORD<1-255>] [subject-name WORD<1-45>]}

    Note

    Note

    Note

    Note

    You can configure up to 10 distinct subject names. The default subject name is Global.

  3. View the subject alternative names configured on the switch:

    show certificate subject-alternative-name

Examples

Configure a subject alternative name subject name 822:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#certificate subject-alternative-name subject-name 822 dns 822.extremenetworks.com
Switch:1(config)#certificate subject-alternative-name subject-name 822 e-mail name@company.com
Switch:1(config)#certificate subject-alternative-name subject-name 822 ip 192.0.2.22

View the configuration:

Switch:1>show certificate subject-alternative-name
====================================================================================================
                                   SAN Table
====================================================================================================
TYPE     NAME                       SUBJECT                       
-----------------------------------------------------------------------------------------------------------
E-MAIL   name@company.com           822                        
DNS      822.extremenetworks.com    822                           
IP       192.0.2.22                 822 

Configure a subject alternative name with the default subject name:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#certificate subject-alternative-name dns name@extrnetwk.com
Switch:1(config)#certificate subject-alternative-name e-mail j.smith@extremenetworks.com
Switch:1(config)#certificate subject-alternative-name ip 192.0.2.23

View the configuration:

Switch:1>show certificate subject-alternative-name
======================================================================================                                   
                                        SAN Table
======================================================================================
TYPE     NAME                                  SUBJECT                       
--------------------------------------------------------------------------------------
E-MAIL   j.smith@extremenetworks.com           Global                        
DNS      name@extrnetwk.com                    Global                           
IP       192.0.2.23                            Global 

Variable Definitions

The following table defines parameters for the certificate subject-alternative-name command.

Variable Value
dns WORD<1-255> Specifies the DNS subject alternative name.
e-mail WORD<1-255> Specifies the e-mail subject alternative name.
ip WORD<1-255> Specifies the IP subject alternative name.
subject-name WORD<1-45>
Note:

Exception: Not supported on VSP 8600 Series.

Specifies the Subject Identity Label to be used in local digital certificate request. You can configure up to 10 subject DN identities. If the subject-name is not specified, the default subject name is Global.