Is there a way to get a .crt and .key file with the subject alternative name set? I am configuring a proxy with an openssl .crt and .key generated by this command
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout proxy.key -out proxy.crt
I then cat the .key and .crt to get a .pem and use that on the client side. This cert works fine for securing the https connection but I get a warning that the Subject Alternative Name is not set in the certificate. In another client I use the warning is actually an error that terminates the connection.
The solution here https://security.stackexchange.com/a/91556 gives me a .csr which I rename to become the .crt I need, and when I use this with the client the https connection fails on incorrect ssl certificate.
Is there a way to get a .crt and .key file with the subject alternative name set?
Yes, but you cannot do it from the command line. You have to use a CONF file.
For setting the SAN via a CONF file, see How do you sign Certificate Signing Request with your Certification Authority and How to create a self-signed certificate with openssl?. Both include the SAN in the procedures.