Hi Martin, On Freitag, 16. September 2016 16:38:55 CEST Martin Bartosch wrote: > > so the only thing that's open is the policy violation (and ui fix) ;-) > Well spotted. Could you raise an issue describing the problem on the Github > tracker please?
Yep, I'll open an issue (probably not before next week...). > However, I would like to suggest not to use IP addresses in certificates. In > my experience there is very little benefit to do so if it is possible to > use FQDNs as SANs. > My recommendation is to only use DNS name SANs (and always FQDNs) and not to > use IPs at all. I totally agree with you, but if our company security policy demands for ipv4/ ipv6 addresses in SAN, I have to find a way to solve that problem. The question for me is, how can I further troubleshoot - no other option than code reading? Or do you have any hint, on where the policy violation might occur? Thanks, Andreas ------------------------------------------------------------------------------ _______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
