Dear readers,
I've just came back to ssl since a long time away with LDAP...
Now, I've just encountered a problem with a DNS CNAME based "multiple
server" configuration.
I know I could generate a cert for cn=*.mydomain.my, and both NS and
latest MS products are supposed to accept that cert for any system with
DNS name anything.mydomain.com, but this would lead to small glitches with
more granular requests: suppose I have a cert for cn=*.mydomain.my, and
then I want to use another one for cn=host.specialgrp.mydomain.com... the
first cert would do as well for the new host, and I wouldn't like this...
What I'd like to know is if it is possible to put in multiple CNs inside
a cert, like in
0.CommonName = sthg.mydomain.my
1.CommonName = sthgelse.mydomain.my
and so on; if it is possible, how do I do to generate such a cert, and,
last but not least, if client software is supposed to accept the same
cert, both if connecting to sthg.mydomain.my and to sthgelse.mydomain.my,
if I have configured sthgelse.mydomain.my as a DNS alias for
sthg.mydomain.my ("sthgelse.mydomain.my CNAME sthg.mydomain.my")
Thank you very much,
Yours,
lorenzo
PS Please CC: me any replies you send to the list. Thank you
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
