Richard Salz wrote:
Wow a 512 bit key! Really unwise.
Ture.
It's already been replaced with a 2048 bit key. :-) I was just
grasping at straws last night trying to figure out what was wrong.
You did not mention the
X509v3 Subject Alternative Name:
DNS:helpdesk.cis.uab.edu
When this is present the CN is ignored.
Really? That seems like a bug. There's a reason why it's called
subjectAlternativeName, and not subjectPreferredName. Nevertheless, as you
say, putting both names is a reasonable work-around.
That also explains another weird behavior I was seeing, so it is good to
know about this.
--
Fran Fabrizio
Senior Systems Analyst
Department of Computer and Information Sciences
University of Alabama at Birmingham
http://www.cis.uab.edu/
205.934.0653
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
