[ale] SSL Certs for $14.95
Christopher Fowler
cfowler at outpostsentinel.com
Wed Apr 5 18:34:43 EDT 2006
On Wed, 2006-04-05 at 18:03 -0400, Michael H. Warfield wrote:
> What would you use for the DN (Distinguished Name)? That's
> what gets
> compared to the DNS name in the SSL connection certificate check. If
> that DN doesn't match the host name at the time of lookup, you get an
> error. If you don't have a host name, what is going to be your basis
> of
> comparison?
Here is another case of where my situation is unique. Our embedded
devices support SSL and you can place a certificate on them. However
they may not have a hostname and may have many ip addresses.
We have 2 servers in a data center that only have IP addresses and no
host names. To give them a host name we would have to take ownership of
our domain records from Earthlink and assign them ourself. So if a
device has many ip addresses it may not be possible to do a reverse
lookup on an ip address.
In the end I can't assign host names that can be looked up in DNS to
every device including those I own.
More information about the Ale
mailing list