[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: valid entries for CN in certificate

To: gmatt@nerc.ac.uk, openldap-software@OpenLDAP.org
Subject: Re: valid entries for CN in certificate
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Mon, 15 Mar 2004 08:27:13 -0800
Content-disposition: inline
In-reply-to: <1079343622.7429.9.camel@lea.nerc-wallingford.ac.uk>
References: <1079343622.7429.9.camel@lea.nerc-wallingford.ac.uk>

--On Monday, March 15, 2004 9:40 AM +0000 Greg Matthews <g.matthews@itss.nerc.ac.uk> wrote:

Just about everything I've read says to use a FQDN for the cn when
creating your server certificate. I've done this and it works. Fine.

question: why fqdn? are there good reasons for insisting on fqdn? why
not just the short hostname? opinions?


I suggest you read the related RFC's, and then you'll know the answer. :)

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Follow-Ups:
- Re: valid entries for CN in certificate
  - From: Greg Matthews <gmatt@nerc.ac.uk>

References:
- valid entries for CN in certificate
  - From: Greg Matthews <g.matthews@itss.nerc.ac.uk>

Prev by Date: Re: DB_CONFIG
Next by Date: Re: memory leak, or 'normal' behaviour?
Index(es):
- Chronological
- Thread