Thank you for your reply. Althought there are many TERMS I don't understand, thank you very much. I ill learn more. :clap:
Loren M. Lang wrote: > > dumbloser wrote: >> I am developing a web application at home using XP Pro and IIS 5.1. I >> want to >> use https:// to access the application. I made a certificate for >> localhost >> using OpenSSL, and it work fine on my XP. I need to access the >> application >> from other place, like in the same network or from the Internet. I find >> out >> my cell phone (LG KS20) cannot accept the certificate, since it does not >> match the web site (192.168.1.100). >> >> Could I make a wildcard certificate for all situation (localhost, >> 192.168.1.100, ???.mydomain.no-ip.org, etc)? That is, can I put * as the >> common name for the certificate? > > There is no wildcard that matches everything. I tend to use the split > views DNS feature in BIND for this where it will report a different > answer to clients outside the firewall than inside it. Barring that, > two DNS names, one for inside and outside would work using the > subjectAltName extension. You can also specify IP address alt names as > well. Your CN should be set to exactly one name for compatibility and > should be repeated in the subjectAltName extension along with other names. > > subjectAltName = DNS:*.mydomain.no-ip.org, DNS:localhost, > IP:192.168.1.100, IP:::1 > >> >> Thank you for any suggestion. > > > -- > Loren M. Lang > [EMAIL PROTECTED] > http://www.alzatex.com/ > > > Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc > Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B > > > -- View this message in context: http://www.nabble.com/Can-I-make-a-wildcard-certificate-for-IIS--tp18678153p18788040.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
