> IE checks the server name against each CN's individually.

I found that by experimentation too. I have VBScript sample on how to generate
such a CSR request for IIS using the CryptoAPI.

Furthermore, IE does not care if the CNs have different domains.



-or even-


You can self-sign such a cert with OpenSSL just fine. Whether you can get a real
CA to sign such a thing is another matter.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to