I use subjectAltName on the cert to include the IP address and alternate DNS names. You need to add the "subjectAltName=" name to the openssl.cnf file in the v3_ca and v3_req sections. Works for us anyway.
-Frank On Fri, Apr 15, 2016 at 9:28 AM, Prashanth P.Nair <prashanth...@gmail.com> wrote: > Hi > > Currently my LDAP server is having self signed FQDN based SSL certificate > .I would like to have IP based SSL certificate for the same node.IS that > feasible ? > > Below certificate issued to FQDN i.e CN=FQN. > > TLSCACertificateFile /etc/ssl/ldap.pem > TLSCertificateKeyFile /etc/ssl/ldap.pem > TLSCertificateFile /etc/ssl/ldap.pem > > > Br/Prashanth. > -- Frank
