I am using OpenSSL to create a self sign certificate and have a need to add approximately 4000, yes 4000, DNS entries (don't ask why) using Subject Alternative Name. I have succeeded in creating a certificate with 500 DNS entries and it works just fine with no noticeable latency accessing the web sites listed via the SAN in the certificate. However, I run into a problem when I create a certificate with more than 500 SAN entries. OpenSSL creates the certificate and there are no indications of any problems. After installing the new certificate, however, I can no longer access any of the sites where the certificate is installed.
I've read RFC3280 and there is no mention of a maximum for SAN entries. Has anyone had any experience with this or do you have any ideas? Thanks for any help. -- View this message in context: http://old.nabble.com/Subject-Alternative-Name-Help-tp27539914p27539914.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
