R; Ramesh R.;
Srini Narayana
Subject: [edk2-devel] reg: Host Name Validation with Wild Card Certificate
Hello all:
Need a clarification on the Host Name support added in the HTTP Boot.
When certificates are generated with the Wild Card in the SAN the host name
validation is getting failed wit
R; Ramesh R.;
Srini Narayana
Subject: [edk2-devel] reg: Host Name Validation with Wild Card Certificate
Hello all:
Need a clarification on the Host Name support added in the HTTP Boot.
When certificates are generated with the Wild Card in the SAN the host name
validation is getting failed
On 03/07/20 23:40, Sean via Groups.Io wrote:
> The name of this flag is terrible but if you read the 2.8 spec.
> https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_A_Feb14.pdf
> page 1436.
> Says:
> EFI_TLS_VERIFY_FLAG_NONE means no additional flags set for hostname
> validation. Wildcar
The name of this flag is terrible but if you read the 2.8 spec.
https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_A_Feb14.pdf
page 1436.
Says:
EFI_TLS_VERIFY_FLAG_NONE means no additional flags set for hostname validation.
Wildcards are supported and they match only in the left-most lab
Hello all:
Need a clarification on the Host Name support added in the HTTP Boot.
When certificates are generated with the Wild Card in the SAN the host name
validation is getting failed with the below error codes.
Ex: DNS Name=*.ami.internal-test.com
TlsDoHandshake SSL_HANDSHAKE_ERROR State=0x
