Normally, when a certificate is to be valid for more than one
domain name, one name is in the CN field, and the others are in
the subjectAltName extension.
But look at the cert for https://www.ipmirror.com/;. It has
CN = admincms.ipmirror.com
CN = business.ipmirror.cn
CN =
Valid is whatever browser understands. As X.509 is/was related to LDAP,
then having multiple cn's in an entry is a no-no.
--
Konrads Smelkovs
Applied IT sorcery.
On Wed, Jun 2, 2010 at 5:23 AM, John Nagle na...@sitetruth.com wrote:
Normally, when a certificate is to be valid for more than
In order to be valid for the authentication of multiple DNS names an
X.509 certificate has to have them included in the subjAlternativeName
entry not in multiple CN entries in the subjectName. The latter
represents a single entity with potentially multiple CN entries, not
multiple entities each
John Nagle wrote:
Normally, when a certificate is to be valid for more than one
domain name, one name is in the CN field, and the others are in
the subjectAltName extension.
But look at the cert for https://www.ipmirror.com/;.
This might serve as an interesting example for the people