[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL Cert Question



Title: Message
I found this:
---- cut here ----

RFC 2830 also specifies a means for additional names to be set in a certificate. This is done using the subjectAltName field which is an X.509v3 extension of the basic certificate. This field can be used to list aliases for a server, shared names in a load-balancing setup, or any other desired purpose. A wildcard can also be used, to allow a single certificate to match all hostnames within a given domain.

In the openssl.cnf file, the syntax for this extension is

subjectAltName=DNS:alias1.domain1,DNS:host2.domain2,DNS:*.domain3
Any number of names may be specified in the comma-separated list
---- cut here ----
 
at http://www.openldap.org/faq/data/cache/185.html
 
I have looked in the O'Reilly OpenSSL book but have not been able to figure out where in the openssl.cnf
file to put this entry.  I need to do this so I can use something like ldap.mycompany.com and have it point
at a pool of ldap servers for high availability.
 
Can anyone enlightne me?
 
Thanks
 
Jeff Saxton