Re: Multi-homed machine and TLS
On Wednesday, 15 September 2004 10:38, Imobach González Sosa wrote:
> Hi all,
> We've got a multi-homed (and aliased machine) and we're using TLS to secure
> communications. The problem is about the certificate: the commonName must
> be the host's FQDN, but this machine could be referred using different
> names, so TLS only works with one of the host's names. I've read something
> about subjectAltName when generating the ssl certificates... is that the
> right direction to the solution?
Ok, we've generated an SSL certificate with
If we type
$ openssl s_client -CAfile /usr/share/ssl/certs/cacert.pem \
-connect name2.domain.com:636 -tls1 -showcerts
it seems to work pretty fine (subjectAltName attribute is listed). However,
when we try using ldapsearch, we've got a TLS error. It seems that it's only
checking the commonName (if we specify the commonName instead of one of the
aliases, it works).
Any idea? Thank you in advance.
Imobach González Sosa
Servicio de Informática y Comunicaciones de la ULPGC
Telephone: +34 928 459519