--- /dev/null
+#make the signing process include the subjectAltName
+extensions = v3_req
+
+[req]
+default_bits = 2048
+encrypt_key = yes
+distinguished_name = req_dn
+req_extensions = v3_req
+prompt = no
+
+[req_dn]
+C=US
+ST=Massachusetts
+L=Anytown
+O=OUYA
+OU=custom OUYA store
+CN=*.ouya.tv
+emailAddress=ouya+dummy@example.org
+
+[v3_req]
+nsCertType = server
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = ouya.tv
+DNS.2 = *.ouya.tv
+DNS.3 = *.ouya.tv.bogo