i just started the Thawte Server Cert Enrollment process on Thawte's web
pages (https://www.thawte.com/cgi/server/step1.exe). on the first page of
the enrollment process i cut and pasted the Certificate Signing Request.
on the second page of the enrollment i got puzzled by a piece of text
which states that:
Desired Secure URL: https://puppa.huuhaa.org/
It is very important that you confirm that you wish to secure the
web server at puppa.huuhaa.org. Based on the current request
details, if your secure URL begins with anything other than
https://puppa.huuhaa.org/ then most browsers will give a warning
about a mismatched certificate site name.
i'm a bit confused by this message. the common name field in the
certificate signing request is CN=puppa.huuhaa.org. how can it be that
browsers would give name mismatch warnings if the URL used is not
https://puppa.huuhaa.org/? don't browsers match server name against the
certificate's CN field's value and not the URL through which the server is
accessed?
--
marko asplund
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
