[Date Prev][Date Next]
Re: OpenLDAP and wildcard SSL certs
Thanks for the feedback:
On Thu, Apr 14, 2005 at 11:33:16AM -0400, Mike Wisener wrote:
> Did you verify the subjectAltName was actually added on your signed
> certificate? openssl x509 -in <cert> -text
Yes, I did.
> As far as I know, CN should be the fully qualified domain
> name. subjectAltName should have the wildcard.
But that defeats the whole purpose. Then you'd have to have one cert.
for each FQDN and then what's the point of using a wildcard at all?
Or am I misunderstanding what you're saying?
Brent J. Nordquist <firstname.lastname@example.org> N0BJN
Other contact information: http://kepler.its.bethel.edu/~bjn/contact.html