pkey generated: openssl 1.1.1g
csr generated: openssl 1.1.1g
csr domains:
	-subject: a.example.com
	-san: b.example.com, c.example.com, d.example.com
cert domains:
	-all: a.example.com, b.example.com, c.example.com, d.example.com
	-subject: a.example.com
	-san: a.example.com, b.example.com, c.example.com, d.example.com

# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

ACME-v2 does not support this

	Response: {u'status': 403, u'type': u'urn:ietf:params:acme:error:unauthorized', u'detail': u'Order includes different number of DNSnames identifiers than CSR specifies'}
	
	ALL DOMAINS MUST BE IN THE SAN

# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

# ==============================================================================

/usr/local/bin/openssl genrsa -out privkey.pem 1024
/usr/local/bin/openssl req -new -sha256 -key privkey.pem -subj "/CN=a.example.com" -addext "subjectAltName = DNS:b.example.com, DNS:c.example.com, DNS:d.example.com" > csr.pem

acme-tiny --account-key ../_support/account.key --csr ./csr.pem --acme-dir ../_support/_challenges > ./cert.pem
