[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6838) TLS client will not accept certificate for 'localhost'
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6838) TLS client will not accept certificate for 'localhost'
- From: Kurt@OpenLDAP.org
- Date: Fri, 18 Feb 2011 18:34:25 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
On Feb 18, 2011, at 9:37 AM, hyc@symas.com wrote:
> Closing this ITS. It's not a regression and not a bug, just a long =
established=20
> feature.
Right, the bug is listing non-fully-qualified names as subjects in the =
certificate.
So, generally speaking, subject names checks fail, as they should fail, =
when the asserted name is not fully-qualified.
The intent of the code is avoid always failing when the =
non-fully-qualified asserted name can be securely transformed into a =
fully-qualified name.  This is a feature.
-- Kurt=