From 8a0eaeb8b5e2b0b158036158b95fa7a2b9c3861d Mon Sep 17 00:00:00 2001
From: Jeremy Albright <jeremy.albright@manaollc.com>
Date: Tue, 15 Oct 2019 14:05:49 -1000
Subject: [PATCH 1/2] Reorder SAN for firefox trust

---
 openssl-configurations/domain-certificates.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openssl-configurations/domain-certificates.conf b/openssl-configurations/domain-certificates.conf
index 48eb5d6..63658f3 100644
--- a/openssl-configurations/domain-certificates.conf
+++ b/openssl-configurations/domain-certificates.conf
@@ -35,5 +35,5 @@ extendedKeyUsage = serverAuth
 subjectAltName = @subject_alt_names
 
 [ subject_alt_names ]
-DNS.1 = *.<%= domain %>
-DNS.2 = <%= domain %>
\ No newline at end of file
+DNS.1 = <%= domain %>
+DNS.2 = *.<%= domain %>
\ No newline at end of file

From cd82bbe2e72d9921fc3c8ff7365a0ff8acc3570a Mon Sep 17 00:00:00 2001
From: Jeremy Albright <jeremy.albright@manaollc.com>
Date: Tue, 15 Oct 2019 14:17:30 -1000
Subject: [PATCH 2/2] Reorder SAN for firefox trust

---
 .../domain-certificate-signing-requests.conf                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openssl-configurations/domain-certificate-signing-requests.conf b/openssl-configurations/domain-certificate-signing-requests.conf
index 4196ba2..fbc2bac 100644
--- a/openssl-configurations/domain-certificate-signing-requests.conf
+++ b/openssl-configurations/domain-certificate-signing-requests.conf
@@ -21,5 +21,5 @@ subjectAltName = @subject_alt_names
 subjectKeyIdentifier = hash
 
 [ subject_alt_names ]
-DNS.1 = *.<%= domain %>
-DNS.2 = <%= domain %>
\ No newline at end of file
+DNS.1 = <%= domain %>
+DNS.2 = *.<%= domain %>
\ No newline at end of file