> On Dec 22, 2018, at 9:12 PM, Salz, Rich via openssl-users > <openssl-users@openssl.org> wrote: > > Putting the DNS name in the CN part of the subjectDN has been deprecated for > a very long time (more than 10 years), although it is still supported by many > existing browsers. New certificates should only use the subjectAltName > extension.
Are any CAs actually doing that? I thought they all still included subject.CN. -F -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users