To quote rfc 2818:
If a subjectAltName extension of type dNSName is present, that MUST
be used as the identity. Otherwise, the (most specific) Common Name
field in the Subject field of the certificate MUST be used. Although
the use of the Common Name is existing practice, it is deprecated and
Certification Authorities are encouraged to use the dNSName instead.
Can some give me an example? Am I doing this correctly:
subjectAltName=dNSName:192.168.1.12
What is value for dNSName ? Is it supposed to be IP address? Is it
supposed to be www.domain.com ?
I wish to create wild card certificates of the form *.domain.com and
*.*.domain.com that bind to a single IP address. Has anyone done this?
Does it work with Internet Explorer ?
Thank you.
Khai
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
