cert: additional ip addresses in SANs #5601
Labels
theme/tls
Using TLS (Transport Layer Security) or mTLS (mutual TLS) to secure communication
type/enhancement
Proposed improvement or new feature
Comments
pearkes
added
type/enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature Description
The command
consul tls cert create -additional-dnsname=<value>allows generating certs with additional names (+ localhost and 127.0.0.1) in the Subject Alternative Names, which is really useful and easy to use.I would like to have a similar feature to add IP addresses in the SANs.
Use Case(s)
My personal use-case: I'm testing Consul and Vault on the same machine with multiple daemons bound on local addresses (127.0.1.1, 127.0.2.1, 127.0.3.1, 127.0.4.1, etc.). And it works really well but the addresses need to be declared in /etc/hosts with corresponding hostnames. I have, of course, errors if I request directly the daemons on their IP with curl or other external tools.
More real use-cases:
The text was updated successfully, but these errors were encountered: