I found this:
---- cut here ----
RFC 2830 also specifies a means for additional names to be set in a
certificate. This is done using the subjectAltName field which is an
X.509v3 extension of the basic certificate. This field can be used to
list aliases for a server, shared names in a load-balancing setup, or
any other desired purpose. A wildcard can also be used, to allow a
single certificate to match all hostnames within a given domain.
In the openssl.cnf file, the syntax for this extension is
subjectAltName=DNS:alias1.domain1,DNS:host2.domain2,DNS:*.domain3
Any number of names may be specified in the comma-separated list
---- cut here ----
at http://www.openldap.org/faq/data/cache/185.html
I have looked in the O'Reilly OpenSSL book but have not been able to
figure out where in the openssl.cnf
file to put this entry. I need to do this so I can use something like
ldap.mycompany.com and have it point
at a pool of ldap servers for high availability.