Has anyone successfully create a double wildcard certificate
(*.*.domain.com) ? Does it work with MSIE 6 XP service pack 2 ?
Attached is my openssl.cnf, my test CSR, and my test certificate. Can you
please see if anything wrong?
Does anyone has a working certificate with subjectAltName that I can take a
look ?
Thank you
Khai
From: "Dr. Stephen Henson" <[EMAIL PROTECTED]>
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: Wildcard ssl certificate using subjectAltName
Date: Mon, 13 Feb 2006 18:47:19 +0100
On Mon, Feb 13, 2006, Victor Duchovni wrote:
> On Sat, Feb 11, 2006 at 01:34:28AM -0700, Kyle Hamilton wrote:
>
> > It can be an IP, but I'm not sure about the
> > encoding rules for it (SMTP requires an IP in the destination field to
> > be in the form [192.168.1.1] (in square brackets)
>
> This is really the "domain literal" construct in the mailbox grammar of
> RFC822/821. It is not used alone.
>
> [EMAIL PROTECTED]
>
The semantics for dNSName, which this refers to are stricter.
It has to be a hostname, cannot be an IP address (the iPAddress form is for
that) and cannot contain wild cards.
This is mentioned in RFC3280 et al.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]