C=FR;O=JANUS;CN="server1";CN=server2"

What I mean by LAST is: The code gives server1, but what should be compared should be server2.



Victor Duchovni wrote:
> On Wed, Nov 30, 2005 at 06:40:38PM +0100, Peter Sylvester wrote:
>
> > The code below gives the FIRST Common Name RDN, not the last one in the hierarchy to be tested as a servername in tls.
>
> Yes, that is its purpose, verifying DNS names in server certificates.
> There is more code (not shown) that first looks at SubjectAltName:DNS...
Yes, I suppose, all kinds of ssl client apps have almost the same code, and often make the same error. :-) In fact, I believe that such code should be part of a utility function in openssl that gets the dnsname and/or IP address as input and says whether the cert is good for that.


--
To verify the signature, see http://edelpki.edelweb.fr/ This lets you download the authority's certificate; you will also find the list of revoked certificates there.
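
Added example (not part of the original message, and not the code under discussion): one way to write the kind of helper wished for above, in Python over the dict shape returned by ssl.SSLSocket.getpeercert(). It follows RFC 2818 section 3.1: SubjectAltName DNS entries take precedence, and otherwise only the most specific (last) CN is compared. The function names and the sample certificates are assumptions made for this example, and wildcard matching is left out.

```python
import ipaddress

# Constructed sample in the dict shape of ssl.SSLSocket.getpeercert():
# one inner tuple per RDN, in certificate encoding order.
CERT_TWO_CNS = {
    "subject": (
        (("countryName", "FR"),),
        (("organizationName", "JANUS"),),
        (("commonName", "server1"),),
        (("commonName", "server2"),),
    ),
}
# Same subject plus constructed SAN entries (documentation-range values).
CERT_WITH_SAN = dict(
    CERT_TWO_CNS,
    subjectAltName=(("DNS", "www.example.test"), ("IP Address", "192.0.2.10")),
)


def common_names(cert):
    """Every CN value, in encoding order (the first is the least specific)."""
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def reference_names(cert):
    """DNS names the client may compare against, per RFC 2818 section 3.1."""
    dns = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if dns:
        return dns  # a SAN dNSName is present, so the CN is not consulted
    return common_names(cert)[-1:]  # fallback: only the LAST CN, never the first


def cert_matches(cert, peer):
    """Hypothetical helper: is this certificate good for a DNS name or IP?"""
    try:
        ip = ipaddress.ip_address(peer)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP peer matches only an iPAddress SAN entry, never a CN.
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip
                   for k, v in cert.get("subjectAltName", ()))
    wanted = peer.rstrip(".").lower()
    # Exact, case-insensitive comparison; wildcard names are rejected here.
    return any("*" not in n and n.rstrip(".").lower() == wanted
               for n in reference_names(cert))
```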
