https://tools.ietf.org/html/rfc5280#section-4.2.1.6

RFC5280, at least, seems to suggest that SANs need not be case sensitive.

"Note that while uppercase and lowercase letters are allowed in domain
names, no significance is attached to the case."

There may be other implications that I have not uncovered.  I am not
intimately familiar with the Tomcat internals.

On Wed, Jan 27, 2021 at 3:36 PM Mark Thomas <ma...@apache.org> wrote:

> On 27/01/2021 19:42, Christopher Schultz wrote:
> > On 1/27/21 14:37, Daniel Skiles wrote:
>
> <snip/>
>
> >> Are SSLHostConfig.hostName attribute values case sensitive in Tomcat?  I
> >> have looked through the documentation and it does not seem to specify
> >> either way.
> >
> > Hostnames are, by RFC[1] definition, NOT case-sensitive. Those values
> > might be case-sensitive in Tomcat, though only accidentally.
>
> Code inspection strongly suggests that is the case.
>
> > Can you confirm a few things:
> >
> > Using curl -v with HOST do you get the right cert?
> >
> > Using telnet/nc with HOST do you get the right cert?
>
> Also need to check if there are any rules / specs for hosts names in
> certs that require them to be lower case.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Reply via email to