Tahura,
That's
great... I'll give it a try locally here.
Irving,
It
looks like our certificate request will need to have a PKCS#9 ExtensionRequest
Attribute to get the SubjectAltName Extension into the certificate. Will
your RA/CA honor this extension request?
Thanks,
Ryan
You can include multiple names in the
"subjectAltName" field of a certificate to get around this
problem.
The browser does complain "The name on the security certificate does
not match the name of the site".
To
skip this error message in the web browser, it is required that the site
name and CN are the same. In that case, different site (such as
portal.xxxx.com, application.xxxx.com) must use different certificate as you
suggested.
Does anyone have any idea how we handle this
matter?
Does anyone know the rules for specifying the CN
attribute in the certificate request so that browsers will not complain
about machine name mismatches? For instance, I see that the
Crosslogix's certificate request uses a CN of www.crosslogix.com, but the URL's hit
by a browser will include machine names of "portal.crosslogix.com" and
"receiver.crosslogix.com".
Won't this cause a browser to complain? We
will likely have the same issue with "portal", "receiver", and "responder"
in the .entegrity.com domain.
Attached is the CrossLogix certificate request, for both
server and client usage.
FYI: We are able to use Baltimore Trial Certificate obtained
through this certificate request.
This footnote confirms that this email message has been swept
by MIMEsweeper for the presence of computer
viruses.
----------------------------------------------------------------------------------------------------------------- The
information contained in this message is confidential and is intended for
the addressee(s) only. If you have received this message in error or there
are any problems please notify the originator immediately. The
unauthorised use, disclosure, copying or alteration of this message is
strictly forbidden. Baltimore Technologies plc will not be liable
for direct, special, indirect or consequential damages arising from
alteration of the contents of this message by a third party or as a result
of any virus being passed on.
This footnote confirms that this
email message has been swept for Content Security threats,
including computer viruses.
http://www.baltimore.com
This
footnote confirms that this email message has been swept by Baltimore
MIMEsweeper for Content Security threats, including computer
viruses.
|