Just add the following line to your config/openssl.cnf file, in the [ v3_ca ] section:
subjectAltName = DNS:www.test.com,DNS:*.kensystem.com,DNS:*.etc.com
This line adds additional domains that browsers will validate a certificate against. Note the comma-separated-list format ; it aloows you to add as many for few as you want. As in the example, you can also use wild card certs.
I've verified that all modern browsers support this; Mozilla, Firebird, Safari, & IE. Theoretically, older software that uses SSL (email clients, etc) may not have support for this feature. It also does not provide a distinct cert based on IP address (the contemporary ssl binding method), but that's probably not going to be a problem for most of us.
Cheers,
ken
------------------------------------------------------- To unsubscribe please go to http://www.sambar.ch/list/
