|
Hi All, I want to configure Apache to verify client certificates.
What I am not sure about is whether Apache verifies the fully qualified domain
name (FQDN) of each client as well. If it does, where is this behavior
explained? For example, does it use the client IP address to look up the corresponding
domain names in the DNS and then compare all matching domain names to the one
in the client certificate? Also, which field is used in the client certificate,
subjectName.commonName or subjectAltName.dNSName? What happens if the names don’t
match? What if the DNS lookup fails because there is no DNS entry for the given
IP? Thanks, Alex |
- Re: server verification of client FQDNs Alex Milanovic
- Re: server verification of client FQDNs James Collier
