Rod Gilchrist wrote:
> Anyone have a solution to this? Think there will be one?
The really ugly hack is to create a certificate with CN *.company.com.
Not really a very nice solution, but recent Nutscrape and Mickeysploder
versions seems to accept it.
> If the server name or URL came across from the client at the beginning
> of the SSL handshake, the server end of SSL could look
> up a certificate based on the URL being presented and respond
> with the appropriate server certificate if it has one available.
> I don't think the server name or URL comes across though.
Nope, the host name is strictly part of the HTTP headers, and not
available until after the SSL connection has been made.
vh.
Mads Toftum, MT165-RIPE
---
Cynic, n.:
A blackguard whose faulty vision sees things as they are, not
as they ought to be. Hence the custom among the Scythians of plucking
out a cynic's eyes to improve his vision.
-- Ambrose Bierce, "The Devil's Dictionary"
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
