[ req ]
prompt = no
encrypt_key = no

distinguished_name = sec0
req_extensions = sec2

[ sec0 ]
O=DOMAIN.EXAMPLE.COM
CN=machine.example.com

[ sec1 ]
DNS = machine.example.com

[ sec2 ]
subjectAltName = @sec1