On Tue, Jan 29, 2002 at 10:56:16AM +1000, Andrew Pollock wrote: > I'm trying to roll my own wildcard certificate (i.e. where the CN = > *.domain.com)
> I'm assuming there's more to it than just putting an asterisk in the CN field? While CN="*.domain.com" is the typical thing to do, I've found that netscape and mozilla (though I've not tried it with the latest versions) had no problem accepting a cert where CN='domain.com' for any machine foo.domain.com. I never had an opportunity to try it myself w/ ie or opera, but I never got any complaints from users of them either. Whether the behavior I saw is best considered a bug or a feature, I'll leave to debate. -JimC ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
