On Monday, April 10, 2000 10:50 AM, Jon Earle [SMTP:[EMAIL PROTECTED]]
wrote:
> It would be whatever the machine is called, in your case,
> secure.macinshop.be. As I understand it, and folks, please correct any
> misunderstandings, the CN within the certificate is used by the browser
to
> verify that the machine sending the data is actually that box, and not
some
> other box that someone at that site created. The certificate is unique
to
> a specific machine. There are site certificates that use a wildcard in
the
> CN, but I think I remember Netscape and IE both complaining about the
fact
> that the wildcard didn't match the hostname sending the certificate.
>
> Jon
Jon,
I believe that what you wrote isn't accurate. The CN is actually the
name the ip address resolves to, and not the name the machine resolves to.
If it were the machine, then you could only have on secure site per
machine. This is not the case. You can have as many secure sites on a
machine as you can IP addresses to support them.
Remeber, CN IS case sensitive, so Secure.WildcatBlue.Com with a certificate
written for secure.wildcatblue.com would error with name does not match
site name.
Rob Bastille
IT Department Manager
WildcatBlue.Com - http://www.wildcatblue.com/
First Computer Solutions, Inc. - http://fcomsolutions.com/
(606) 625-9453 (Voice)
(606) 624-1233 (Fax)
"The soul would have no rainbow had the eyes no tears"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
