dumbloser wrote:
I am developing a web application at home using XP Pro and IIS 5.1. I want to use https:// to access the application. I made a certificate for localhost using OpenSSL, and it work fine on my XP. I need to access the application from other place, like in the same network or from the Internet. I find out my cell phone (LG KS20) cannot accept the certificate, since it does notmatch the web site (192.168.1.100).Could I make a wildcard certificate for all situation (localhost, 192.168.1.100, ???.mydomain.no-ip.org, etc)? That is, can I put * as the common name for the certificate?
There is no wildcard that matches everything. I tend to use the split views DNS feature in BIND for this where it will report a different answer to clients outside the firewall than inside it. Barring that, two DNS names, one for inside and outside would work using the subjectAltName extension. You can also specify IP address alt names as well. Your CN should be set to exactly one name for compatibility and should be repeated in the subjectAltName extension along with other names.
subjectAltName = DNS:*.mydomain.no-ip.org, DNS:localhost,
IP:192.168.1.100, IP:::1
Thank you for any suggestion.
-- Loren M. Lang [EMAIL PROTECTED] http://www.alzatex.com/ Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
smime.p7s
Description: S/MIME Cryptographic Signature
