[Issues] [mod_gnutls 0000035]: SubjectAltName not supported for
Server Names
issues at outoforder.cc
issues at outoforder.cc
Tue Mar 28 04:23:38 EST 2006
A NOTE has been added to this issue.
======================================================================
http://issues.outoforder.cc/view.php?id=35
======================================================================
Reported By: chip
Assigned To:
======================================================================
Project: mod_gnutls
Issue ID: 35
Category: SSL/TLS Standards Issue
Reproducibility: always
Severity: feature
Priority: normal
Status: new
Apache Version: unspecified
======================================================================
Date Submitted: 05-19-2005 10:17 EST
Last Modified: 03-28-2006 04:23 EST
======================================================================
Summary: SubjectAltName not supported for Server Names
Description:
Currently, only the common name is checked to match when searching for a
certificate. The SubjectAltName should also be checked for matches. This
is required as part of RFC 2818.
======================================================================
----------------------------------------------------------------------
urkle - 05-19-05 19:06
----------------------------------------------------------------------
And the standard mod_ssl doesn't check the altsubjectname DNS records
either. And if you do have the altsubjectname set in your Cert, Firefox
will ONLY use that and ignore common name.. (I was creating web certs
today)
Is there a bug on issues.apache.org in reference to mod_ssl?? (only 2.0.50
tested however)
----------------------------------------------------------------------
Nelson B - 03-28-06 04:23
----------------------------------------------------------------------
> If you do have the altsubjectname set in your Cert,
> Firefox will ONLY use that and ignore common name..
RFC 2818 requires that (as much as it requires anything, given that
it is merely an informational RFC and doesn't specify a standard).
Issue History
Date Modified Username Field Change
======================================================================
05-19-05 10:17 chip New Issue
05-19-05 10:17 chip Apache Version => unspecified
05-19-05 19:06 urkle Note Added: 0000042
03-28-06 04:23 Nelson B Note Added: 0000065
======================================================================
More information about the Issues
mailing list