Hello! After upgrading from 7.19.4 to 7.19.6 I experiencing the following problem:
I'm getting the following error message: "subjectAltName does not match <URL>" In detail I have the following entries: Issuer: CN=www.anduras.de, C=DE, L=Passau, ST=Bavaria, O=ANDURAS AG, OU=Security/[email protected] Subject: C=DE, L=Passau, ST=Bavaria, O=ANDURAS AG/[email protected], C=Germany X509v3 extensions: X509v3 Subject Alternative Name: email:[email protected] I saw, that between version 1.235 and 1.236 of the "ssluse.c" file an additional test was added. See: http://cool.haxx.se/cvs.cgi/curl/lib/ssluse.c.diff?r2=1.236&r1=1.235&diff_format=h My problem is, that my certificate uses the "subjectAltName" field, but only for an additional email address. There is no URI entry present! I think the check should only fail, if it did not matched an *URI* field with the same hostname. Additional fields (with other types) should be ignored. In other words: The test should only fail, if any "GEN_DNS" or "GEN_IPADD" type was found. What do you think?! Regards Sven Anders -- Sven Anders <[email protected]> () Ascii Ribbon Campaign /\ Support plain text e-mail ANDURAS service solutions AG Innstrasse 71 - 94036 Passau - Germany Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55 Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. - Benjamin Franklin
<<attachment: anders.vcf>>
signature.asc
Description: OpenPGP digital signature
