Re: Subject Alternative Name in TLS - does this work?

[Howard Chu <hyc@symas.com>]

Aleksander DzierÅanowski wrote:
> On Fri, Oct 18, 2013 at 11:25:59AM +0100, lejeczek wrote:
> >
> [...]
> > my case is, well should be a lot more simpler, one box with
> >
> > slapd.local.domain
> > slap.public.external
> >
> > and this one host I would like to be able to search through on/via
> > both hostnames/IPs with TLS
> > so I issue myself and sign a certificate, CA issuer is
> > CA.local.domain
> >
> > Subject: .......... CN=slapd.local.domain/email.........
> > and
> > X509v3 Subject Alternative Name:
> >                  DNS:slap.public.external, IP Address:ex.te.rn.al
>
> Please add "slapd.local.domain" also to SAN and problem will be fixed.

Nonsense. Unnecessary.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/