On Sun, 18 Sept 2022 at 18:34, Jaroslaw Rafa <r...@rafa.eu.org> wrote: > > Dnia 18.09.2022 o godz. 10:09:34 Stuart Henderson pisze: > > > > The CA/Browser Forum baseline requirements say that certificates must > > include subjectAlternativeName. This doesn't strictly apply to non-browser > > applications but it does mean that all CA-issued certs can be relied upon > > to have SAN. > > > > RFC 6125 6.4.4 says that clients must not check CN if the identifiers > > used in subjectAlternativeName are present. So for certs following the > > baseline requirements, checking CN is redundant. It also says that > > clients *may* check CN but it's not required. > > > > There are differences in handling of name constraints between certs > > using just CN and those using SAN. Name constraints don't really work > > for certs using CN (by adding dc= components to the Subject, you can > > comply with the directoryNameconstraints that apply to Subject > > while providing a CN that is not in the expected domain). The dNSName > > constraint applicable to SAN doesn't have this problem. > > > > So there's a good reason to avoid using CN when checking the name: it > > gives defence against a CA or sub-CA with a trusted but constrained root > > certificate that goes rogue. > > > > Practically this means you need to make sure that if you use self- > > signed or internal CA certificates you include subjectAlternativeName > > otherwise they won't work with some client software. If you use public > > CA-signed certs you typically don't need to do this yourself because > > the CA adds SAN if missing from the CSR (their only other option is > > to reject issuance). > > I have a question regarding this: > I always understood (maybe wrong) SAN as literally *alternate* DNS names for > the server in addition to its basic, "canonical" DNS name, which was > specified in the CN. > > For example if the server is example.com, but it also can be accessed as > www.example.com (and both names have A records resolving to the same IP > adddress), I put example.com into CN and www.example.com into SAN. > > From what you have written above, I cannot figure out if this is correct, or > maybe should I put both names example.com and www.example.com into SAN (in > addition to example.com being in CN)?
As per my previous reply, the CN must now be replicated/duplicated in the SAN. So in you example a valid .csr now contains: CN = example.com SAN.1 = example.com SAN.2 = www.example.com etc. Of course you could also have: CN = www.example.com SAN.1 = www.example.com SAN.2 = example.com Regards Simon