SSL certificate working in chrome but not openssl s_client or curl

ssl-certificate curl openssl ubuntu-14.04

Found a clearer tutorial that had a much simpler openssl.conf. In my original attempts to add SANs I must have un-commented extra lines in the conf that were adding extra info to the certs causing conflicts. Followed this template and my certificate is working all round:

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req

[req_distinguished_name]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = MN
localityName = Locality Name (eg, city)
localityName_default = Minneapolis
organizationalUnitName  = Organizational Unit Name (eg, section)
organizationalUnitName_default  = Domain Control Validated
commonName = Internet Widgits Ltd
commonName_max  = 64

[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = kb.example.com
DNS.2 = helpdesk.example.org
DNS.3 = systems.example.net
IP.1 = 192.168.1.1
IP.2 = 192.168.69.14

Thanks for your comments @garethTheRed. Your comments helped me re-think my approach to debugging this issue.

Even starting a post here helps me lay out what I've tried and helps the brain think up more possible solutions.

Related

Proper method to disable polkit.service on CentOS 7
how to install docker-ce 17+ on centos 6.9?
Any cocoa source code for AES encryption decryption?
Java Front Controller [duplicate]
.xlsx and xls(Latest Versions) to pdf using python
Codeigniter REST CSV import to mysql
Is it possible to use any HTML5 fanciness to export local storage to Excel?
CasperJS passing data back to PHP
Dynamic SQL to generate column names?
setAttribute and video.src for changing video tag source not working in IE9
How to capture current view screenshot and reuse in code? (iPhone SDK)
Broadcast Receiver to detect application start