On Wed, Jul 02, 2003, Lu, Steve wrote: > Hi All, > > Can Openssl be used to create wildcard certificates? > To what extend does OpenSSL support wildcard certs? >
Yes it can create them since they just have components with certain characters like '*' in them e.g. *.foobarinc.com . Currently it is the applications responsibility to check that hostnames etc are consistent with the certificate details (CN matches hostname for example). There is no functionality for wildcard certificates, so it would also be an applications responsibility to check the wildcard name matched the expected hostname. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
