diff --git a/gestion/cert_utils.py b/gestion/cert_utils.py
index 98230ba4..f7801a0f 100644
--- a/gestion/cert_utils.py
+++ b/gestion/cert_utils.py
@@ -189,10 +189,10 @@ def createCertRequest(pkey, digest="sha1", subjectAltName=[], **name):
     subj = req.get_subject()
     for (key,value) in name.items():
         setattr(subj, key, value)
+    exts = []
     if subjectAltName:
-        exts = []
-        for altName in subjectAltName:
-            exts.append(crypto.X509Extension("subjectAltName", True, "DNS:%s" % altName))
+        exts.append(crypto.X509Extension("subjectAltName", False, ", ".join(["DNS:%s" % altName for altName in subjectAltName])))
+    if exts:
         req.add_extensions(exts)
     req.set_pubkey(pkey)
     req.sign(pkey, digest)
diff --git a/gestion/dialog/certificat.py b/gestion/dialog/certificat.py
index 8ade7974..bbbd9ce5 100644
--- a/gestion/dialog/certificat.py
+++ b/gestion/dialog/certificat.py
@@ -15,6 +15,8 @@ import tempfile
 import traceback
 if '/usr/scripts' not in sys.path:
     sys.path.append('/usr/scripts')
+import gestion.secrets_new as secrets
+
 from OpenSSL import crypto, SSL
 
 from gestion.cert_utils import createCertRequest
@@ -232,6 +234,17 @@ les valeurs valident sont :
 
     def gen_csr(self, certificat, cont):
         """Permet de générer un csr à partir de la clef privée du certificat"""
+        def box(text):
+            fp, path = tempfile.mkstemp()
+            os.write(fp, text)
+            os.close(fp)
+            self.dialog.textbox(filename=path, height=0, width=0,
+                  backtitle="Appuyez sur CTRL+MAJ+V pour coller",
+                  title="Récupération d'un certificat",
+                  no_mouse=True, timeout=self.timeout,)
+            os.remove(path)
+            return
+
         def todo(certificat, self_cont, cont):
             if certificat['encrypted']:
                 if "machineCrans" in certificat.machine()["objectClass"]: