[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antwort: Re: SSL certificates, kerberos keytabs, and load balancing [Virus checked]

>>  >commonName=ldap1.example.com
>>  >subjectAltName=commonName: ldap.example.com

>You should test whether all your SSL/TLS-enabled LDAP applications really
>look at subjectAltName extension!

Does this mean:

A) Most applications will work OK, but it's still possible that some are broken.


B) Setting "subjectAltName=commonName: <service cluster FQN>" should teoretically  solve the problem, but the reality is different and many client apps don't know it.