If I remove internal /etc/hosts lookup entry should it resolve or you mean CA just dropped subjectAltName even though I included. - miten On Jan 17, 2014 7:31 PM, "Ognjen Blagojevic" <ognjen.d.blagoje...@gmail.com> wrote:
> Miten, > > On 17.1.2014 14:33, Miten Mehta wrote: > >> The catalina.out complaines with SSL handshake stating No Name matching >> mhoodws.ril.local found. >> > > For security reasons, CA shouldn't sign any certificate containing > internal server name (either as CN, or subjectAltName): > > "As of July 1, 2012, all CAs were required to notify customers applying > for internal name certificates that the use of such certificates has been > deprecated by the CA / Browser Forum and that the practice will be > eliminated by October 2016." > > https://cabforum.org/internal-names/ > > So, I guess your CA removed subjectAltName while signing the certificate, > and also missed to notify you about the removal. > > -Ognjen > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
