[X509] Wildcard in Subject Name

24/03/2015 - 18:40 von Michael Baeuerle | Report spam
Beim testen bin ich über dieses Problem gestolpert:

[...]
flnews: TLS: Server certificate:
flnews: TLS: Subject Alternative Name: *.blueworldhosting.com (don't match hostname)
flnews: TLS: Subject Alternative Name: blueworldhosting.com (don't match hostname)
flnews: TLS: Subject Name: *.blueworldhosting.com (don't match hostname)
flnews: TLS: Alert: Server certificate verification failed (CN does not match hostname nntpswitch.blueworldhosting.com)
flnews: NNTP: Cannot connect to server


RFC5280 sagt dazu:
|
| [...]
| Finally, the semantics of subject alternative names that include
| wildcard characters (e.g., as a placeholder for a set of names) are
| not addressed by this specification. Applications with specific
| requirements MAY use such names, but they must define the semantics.

Sind fürs USENET irgendwo entsprechende "semantics" definiert?
 

Lesen sie die antworten

#1 Florian Weimer
24/03/2015 - 19:28 | Warnen spam
* Michael Baeuerle:

Sind fürs USENET irgendwo entsprechende "semantics" definiert?



Ja, in RFC 4642, Abschnitt 5. Wildcards sind demnach zulàssig.

Ähnliche fragen