Hi Viktor, Thank you very much. Yo're awesome help!!
Last, yes, i mis belief my findings jejeje I just feel out of business here. Thanks again. Sent from my Android mobile, excuse the brevity. On Mar 26, 2014 11:00 PM, "Viktor Dukhovni" <postfix-us...@dukhovni.org> wrote: > On Wed, Mar 26, 2014 at 10:51:29PM +0100, Pau Peris wrote: > > > Are you really sure? I mean, do you know where can i find information > about > > this topic? > > Do you disbelive you own findings? You report that the same > certificate is accepted when the MUA is configured to connect to > the subject commonName and rejected when the client is configured > to connect to a DNS subjectAltName. What conclusion do you draw > about the MUA? > > > As i planned to operate that way, buying cheap ssl certs for > > multiple domains/subdomains i would like to be sure before discarding > that > > procedure. > > The subject DN needs to be compatible with the needs of clients > that don't support subjectAltNames. This may limit your freedom > to choose server names and will constrain the set of usable > certificates. Clients that support subjectAltNames can be handled > by adding appropriate DNS subjectAltNames. > > -- > Viktor. >
