On Wed, Dec 05, 2001 at 02:47:39PM -0500, Jason Hendriks wrote:
> I needed an SSL certificate for my POP3-SSL server (ipopd), so I created a
>self-signed certificate using the CA.pl tool and openssl. It works fine, but my
>question is since there are two domains for this machine's IP, how can I create a
>certificate for more than one common name? Do I have to create two certificates and
>configure the daemon to look at both? Or do I combine two certificates into one
>somehow?
It is not possible to have two domains on one IP, as there is only one
CommonName entry available in a certificate.
In the future it may be possible to have more than one entry by using
the dNSName feature of SubjectAlternateName, but as far as I know,
this is not widely supported by client software (read this last statement:
I don't know of any client software supporting it).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
