Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-28 Thread Mark Thomas
On 27/01/2021 23:01, Daniel Skiles wrote:
>> Curious: what is "keytool -ssl server"?
>
> https://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html
>
> keytool -printcert has an additional -sslserver object, which will let you
> connect to external servers and dump cert

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-28 Thread Mark Thomas
On 27/01/2021 21:06, Daniel Skiles wrote:
> https://tools.ietf.org/html/rfc5280#section-4.2.1.6
>
> RFC5280, at least, seems to suggest that SANs need not be case sensitive.
>
> "Note that while uppercase and lowercase letters are allowed in domain
> names, no significance is attached to the

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Mark Thomas
On January 27, 2021 10:43:48 PM UTC, Christopher Schultz wrote:
>All,
>
>The Mapper seems to understand that case should be ignored while looking
>for hosts. That's expected, since it would have made Tomcat fail for all
>kinds of reasons in the past.
>
>However, the Mapper doesn't normalize.

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Daniel Skiles
> Curious: what is "keytool -ssl server"?

https://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html

keytool -printcert has an additional -sslserver object, which will let you connect to external servers and dump cert information. It's built into the java distributions, so it

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Christopher Schultz
All, The Mapper seems to understand that case should be ignored while looking for hosts. That's expected, since it would have made Tomcat fail for all kinds of reasons in the past. However, the Mapper doesn't normalize. Instead, it performs case-insensitive matching every time. I wonder if

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Christopher Schultz
Daniel, On 1/27/21 15:37, Daniel Skiles wrote: The tomcat instance is not on linux so I was not able to get telnet/nc up and running. Telnet should be available everywhere. Actually, only on Windows these days lol. That said, I do have information from both curl and java's keytool -ssl

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Daniel Skiles
https://tools.ietf.org/html/rfc5280#section-4.2.1.6 RFC5280, at least, seems to suggest that SANs need not be case sensitive. "Note that while uppercase and lowercase letters are allowed in domain names, no significance is attached to the case." There may be other implications that I have not

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Daniel Skiles
The Tomcat instance is not on Linux so I was not able to get telnet/nc up and running. That said, I do have information from both curl and Java's keytool -ssl server command. For keytool -ssl server, requesting HOST.domain.com returns the correct certificate. If I request host.domain.com,

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Mark Thomas
On 27/01/2021 19:42, Christopher Schultz wrote:
> On 1/27/21 14:37, Daniel Skiles wrote:
>> Are SSLHostConfig.hostName attribute values case sensitive in Tomcat? I
>> have looked through the documentation and it does not seem to specify
>> either way.
>
> Hostnames are, by RFC[1] definition,

Re: Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Christopher Schultz
Daniel, On 1/27/21 14:37, Daniel Skiles wrote: I'm currently running into some peculiar behavior with SNI, and I'm wondering if any of you might be able to offer suggestions. I'm not sure if it's a bad config, a bug, or a limitation of the software. I have a Tomcat instance that has two

Case Sensitivity with SSLHostConfig.hostName and SNI

2021-01-27 Thread Daniel Skiles
I'm currently running into some peculiar behavior with SNI, and I'm wondering if any of you might be able to offer suggestions. I'm not sure if it's a bad config, a bug, or a limitation of the software. I have a Tomcat instance that has two SSLHostConfig elements applied. The first is the