Friday, April 12, 2013

Certificates with multiple valid hosts

The standard SSL certificate applies only to server in its CN (common name) field.

There is an extension Subject Alternative Name (2.5.29.17), which allows the certificate to be valid for more than one host. It cold be very helpful in such complex server environments.

Note that the client software have to be aware of the Subject Alternative Name (2.5.29.17), otherwise it would identify it as invalid. New browsers seem to be compatible.

No comments:

Post a Comment