Hi
I recently upgraded curl from 7.19.4 to 7.19.6 to get ssl resume support
and one of my server certificates stopped working...
The cert was created with TinyCA, so I can't attest to it being created
correctly... anyway, the relevant part of the cert is, as reported by
openssl x509:
...
Subject: C=FI, ST=Uusimaa, L=Espoo, O=Enkora Oy Ltd, OU=Access Control
Systems, CN=nexus.enkora.fi/[email protected]
...
X509v3 Subject Alternative Name: email:[email protected]
...
I understand there were at least 2 recent fixes in curl/openssl, namely
subjectAltName vs CN and null byte in CN.
Is my cert fundamentally broken and it was just luck that it worked with
curl before (and also with openssl s_client and firefox), or did the
hostname/email thing break in curl?
Certificate is live on https://nexus.enkora.fi and CA (self-made too) is
at http://nexus.enkora.fi/setup/
Thanks
Dima Q.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
