Tech

Ubiquiti devices disconnected

Today I had an unfortunate power outage at my home, therefore my lab was shutdown inadvertently. After powering up my systems again some Ubiquiti devices which were registered with my Unifi Controller had the disconnected status, even though I was able to ping them. After some reboots, and re-adoptions I didn’t get them online.  (more…)

Lab Expansion: Like in the old days

Currently i’m running my home lab environment on three physical Intel NUC devices. ESXi 6.5 is installed on each one of the NUCs and they are running a vSAN cluster (two M2 SSD inside each NUC, one for cache and the other for the capacity tier). Each NUC  comes with 32 GB memory and a Intel(R) Core(TM) i5-6260U CPU @ 1.80GHz installed as well. Due to the fact that the Intel NUCs are just not flexible enough for me to test certain scenarios I decided to expand my existing lab environment.

(more…)

OpenSSL: Create CSR for certificate with additional Subject Alternative Name(s) (Windows)

Procedure to create CSR with SAN (Windows)

  • Login into server where you have OpenSSL installed (or download it here)
  • Go to the directory where openssl is located (on Windows)
  • Create a file named sancert.cnf  with the following information
[ req ]
default_bits       = 2048
distinguished_name = req_distinguished_name
req_extensions     = req_ext
[ req_distinguished_name ]
countryName                 = Country Name (NL)
stateOrProvinceName         = State or Province Name (ZH)
localityName               = Locality Name (AADR)
organizationName           = Organization Name (WGE)
commonName                 = Common Name (e.g. server FQDN)
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
DNS.1   = sslcert.wesleygeelhoed.nl
DNS.2   = dns2.com
DNS.3   = dns3.com

* You can add even more subject alternative names if you want. Just add DNS.4 = etcetera…

  • Save the file and execute following OpenSSL command, which will generate CSR and KEY file
openssl req -out sslcert.csr -newkey rsa:2048 -nodes -keyout private.key -config sancert.cnf

This will create sslcert.csr and private.key in the present working directory. Request your certificate with the created CSR and you’re all set!