Bruce Keats wrote: > Don't forget that if you have host names in the Subject Alternative Name > extension, then ALL the names in the cert belong there, not all-but-one. > But This is no different than it was in FF2. > > I don't think I fully understand the "ALL the names" in this context. > What might help me is if can you elaborate with a simple example?
I'll let Nelson or someone else provide the definitive answer to this, but I believe what he's saying is that, e.g., if you have three hostnames a.example.com, b.example.com, and c.example.com that are used for a given server, and you use SubjAltName, you should put all three names in the extension, as opposed to (e.g.) putting CN=a.example.com and then just b.example.com and c.example.com in SubjAltName. Frank -- Frank Hecker [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
