<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hello. My two centimes worth.<br>
<br>
Although I use OpenSSL in test, I've never used altnames - sorry. <br>
<br>
In prod we use a comercial CA. I find that if I want to use one or
more altname(s) I must also specify the FQDN in the list of altnames.<br>
<blockquote>
<blockquote>
<p class="MsoNormal">Common Name: <b><br>
wiki</b>.a.b<br>
Alternate Name (DNS):<o:p></o:p><b><br>
wiki</b>.a.b<b><br>
wikisso</b>.a.b<br>
</p>
</blockquote>
</blockquote>
Cdlt, Dave<br>
---<br>
John A. Sullivan III wrote:
<blockquote cite="mid:1262649852.4358.0.camel@jaspav.ssiservices.biz"
type="cite">
<pre wrap="">On Tue, 2010-01-05 at 00:23 +0100, muzzol wrote:
</pre>
<blockquote type="cite">
<pre wrap="">2010/1/4 Rich Megginson <a class="moz-txt-link-rfc2396E" href="mailto:rmeggins@redhat.com"><rmeggins@redhat.com></a>:
</pre>
<blockquote type="cite">
<pre wrap="">muzzol wrote:
Did you specify the FQDN with the -h argument? What hostname did you give?
The real hostname or the subjectAltName?
</pre>
</blockquote>
<pre wrap="">i've used FQDN for CN and additional DNS entry for subjectAltName.
anyway, i've found that i get a diferent cert when signing it with
OpenSSL (openssl -req) and certutil (-C).
i've created a sample CA with certutil and repeated all process. now i
dont get that error anymore.
is this a known behaviour? is there any limitations with
subjectAltName and OpenSSL signing?
anyone using OpenSSL to sign their DS certs?
</pre>
</blockquote>
<pre wrap=""><!---->We are (via OpenCA) but we are also doing server side key generation -
John
--
389 users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:389-users@redhat.com">389-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>
</pre>
</blockquote>
<br>
</body>
</html>