[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6838) TLS client will not accept certificate for 'localhost'

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6838) TLS client will not accept certificate for 'localhost'
From: Kurt@OpenLDAP.org
Date: Fri, 18 Feb 2011 18:34:25 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

On Feb 18, 2011, at 9:37 AM, hyc@symas.com wrote:

> Closing this ITS. It's not a regression and not a bug, just a long =
established=20
> feature.

Right, the bug is listing non-fully-qualified names as subjects in the =
certificate.

So, generally speaking, subject names checks fail, as they should fail, =
when the asserted name is not fully-qualified.

The intent of the code is avoid always failing when the =
non-fully-qualified asserted name can be securely transformed into a =
fully-qualified name.  This is a feature.

-- Kurt=

Prev by Date: Re: (ITS#6838) TLS client will not accept certificate for 'localhost'
Next by Date: Re: (ITS#6838) TLS client will not accept certificate for 'localhost'
Index(es):
- Chronological
- Thread