As I said below: this depends on the application. I agree with you in that
amazon.com point (and many other applications). But this is not the problem
with servlet-applications (where the user does not see this message) and in
cases, where I simply want a secure connection - I think we will end up in a
philosophical discussion ... ;)
But over all I have got another way to solve the problem, which is used in
practical applications I know:
- order the certificate for one server (and domain name); let's call it the
"secure server"
- the user can enter your different domains with normal http
- if a secure connection is needed, you can link the secure part of your
application via https to your secure server and everything is ok with the
security information messages of your clients
Regards,
Ronald Ruzicka
> [mailto:[EMAIL PROTECTED]]Im Auftrag von Owen Boyle
> Betreff: Re: AW: hostname and cert common name different?
>
>
> Ronald Ruzicka wrote:
> >
> > If a client does a request (using SSL) to the server he will
> get the usual
> > message ("security information") from his browser: it tells,
> that this is a
> > certificate from a trusted certification organisation, that the date is
> > correct; but it tells as well, that the name of the certificate
> is not the
> > same as the site name. But then everything works ok.
> >
>
> So if you go to amazon.com and get a warning that the certificate
> doesn't match the site name, you would just type in your credit card
> number anyway?
>
> Authentication is an essential part of SSL. It is not just about
> encryption.
>
> Rgds,
>
> Owen Boyle.
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
