Found the note about the accepted URL syntax: The ``url`` schema can be ``http`` or ``https``, but since Kea version 1.9.6 the ``https`` schema requires a TLS setup. The hostname part must be an IPv4 address or an IPv6 address between square brackets, e.g. ``http://[2001:db8::1]:8080/``. Names are not accepted.
About the name in TLS certificates it depends on the crypto backend so either OpenSSL or Botan and for OpenSSL the version too. Here are the notes about creating the crypto material (i.e. certificates) for tests (src/lib/asiolink/testutils/ca/doc.txt): Some critical details: - recent versions of OpenSSL requires at least 2038 bit RSA - certificate version should be 3 (enforced by Botan for leaves), if openssl creates a version 1 add an extension - RSA allows a simpler format than PKCS#8 for RSA private keys but Botan and other algorithms require PKCS#8 - some tools check the alternate subject name of the server so put a correct value in it The last point should answer to your question about what name to use in certificates. There were some discussions about self-signed certificates too: usually they are not accepted for end-entity certificates. Thanks Francis Dupont <fdup...@isc.org> -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
