[
https://issues.apache.org/jira/browse/TS-3243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14289301#comment-14289301
]
Susan Hinrichs commented on TS-3243:
------------------------------------
This fixes the GD case. If the subject name is repeated in the SAN, we do not
warn. Not sure if this addresses the case Dave is seeing. Let me know if this
does not address the wildcard repeat.
> Warnings from loading legitimate TLS certificates
> -------------------------------------------------
>
> Key: TS-3243
> URL: https://issues.apache.org/jira/browse/TS-3243
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Leif Hedstrom
> Assignee: Susan Hinrichs
> Fix For: 5.3.0
>
>
> When loading a legitimate certificate (from Go Daddy), which has a domain
> name of trafficserver.apache.org as well as some SNs which includes
> trafficserver.apache.org as well, we get these warnings:
> {code}
> [Dec 17 16:01:19.540] Server {0x2b58fdcadf40} NOTE: loading SSL certificate
> configuration from /usr/local/etc/trafficserver/ssl_multicert.config
> [Dec 17 16:01:19.545] Server {0x2b58fdcadf40} WARNING: previously indexed
> 'trafficserver.apache.org' with SSL_CTX 0x1, cannot index it with SSL_CTX #2
> now
> {code}
> I've looked at a couple certs from GD, and this practice seems normal. I
> don't think we should warn on this case, if the domain name for the cert is
> duplicated in the SN, just ignore the latter right ?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
