httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 32652] - mod_ssl: match hostnames against subjectAltName DNS names too
Date Thu, 13 Jan 2005 13:11:21 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=32652>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=32652


jorton@redhat.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Please document x509 v3     |mod_ssl: match hostnames
                   |subjectAltName              |against subjectAltName DNS
                   |                            |names too




------- Additional Comments From jorton@redhat.com  2005-01-13 14:11 -------
It would be nice if mod_ssl checked the subjectAltName extension and didn't warn
about CN mismatches if there is a mataching subjectAltName for the server host, yes.

Your assertion that "it's possible to do name-based vhosting with SSL so long as
all your vhosts share the same configuration" really belies the meaning of
"name-based vhosting", i.e. being able to have multiple server configurations
one of which is chosen based on the hostname used in the Host header.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message