Hi All,
It seems the latest version of IE 5.0 (5.00.2920.0000) on Windows
2000 Por no longer accept our wildcard certs from Thawte. These
certs are like *.im1.net. Previous versions, and even Netscape 6
Preview release 1 have no problems. IE 5.0 now complains that the
cert does not match the site (which it does, just not implicitly)
Thawte have not yet responded to this query, and given recent
activity there, I doubt I will get one.
It appears Microsoft have obsoleted (depricated) our wildcard certs.
My biggest concern here is that Thawte would/should know this,
and should/could inform their customers of the changes *before* it
affects their business.
Technically *.im1.net does not match (for example)
webm9.im1.net. I suppose I should be challenging Microsoft on
this, and not Thawte. I also suppose I should determine if it is just
a bug (rather than a feature) in IE 5.0 as well. It only has been
verified on Windows 2000 Release and upgrade. Only with IE.50,
Netscape 4.72 and 6.0PR1 work fine.
Perhaps some of the more enlightened on the list can offer some
suugestions regarding how to proceed on this.
Should we buy new certs for each box? (Note: Thawte still sell
wildcard certs, although the price is now 4 times that of a year ago)
Should we "upgrade" to a "modern" OS Windows 2000 Server(s)
instead of the 30 year old ancient Unix OS we use now? (Gee,
sounds best, huh?) At least we can be assured of "compatibility".
(Sorry for the rant guys)
Anyone have any suggestions (other than flames)?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
