OpenSSL

[Fernando Gozalo]

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Fernando Gozalo wrote:
> <<--snip-->>
>
> |
> | Last day I found this:
> |
> | ===================
> | RFC 2830 also specifies a means for additional names to be set in a
> | certificate. This is done using the subjectAltName field which is an
> | X.509v3 extension of the basic certificate. This field can be used to
> list
> | aliases for a server, shared names in a load-balancing setup, or any
> other
> | desired purpose. A wildcard can also be used, to allow a single
> | certificate to match all hostnames within a given domain.
> |
> | In the openssl.cnf file, the syntax for this extension is
> |
> | subjectAltName=DNS:alias1.domain1,DNS:host2.domain2,DNS:*.domain3
> |
> | Any number of names may be specified in the comma-separated list.
> | ===================
> |
> | Maybe can help.
> |
> | Fernando.
>
> Ok; but, how do I use this information properly.  I've already tried
> using it but it doesn't seem to work.

So, create the cert and install as others told you. The clients won't
complain when they access your server whatever name from list they use.

I'm not an expert, but here we try this in a web server (IIS) and it works.


Un saludo.
Fernando.