[Dovecot] Dovecot SSL limitations
Jose Celestino
japc at co.sapo.pt
Mon Nov 30 18:10:54 EET 2009
On Seg, 2009-11-30 at 17:03 +0100, Thomas Hummel wrote:
> On Mon, Nov 30, 2009 at 03:50:00PM +0000, Jose Celestino wrote:
>
> > The client compares the CN of the certificate with the hostname it has
> > configured and warns on a mismatch. What you can do is have multiple
> > subjects certificate, that is a certificate again with a single CN but
> > with multiple alt subjects that should cover all the names that server
> > may have. The client should support those kind of certificates, of
> > course.
>
> Thanks.
>
> You're not talking about wildcard certificate, aren't you ?
>
No, this are called SAN certificates.
-- Jose Celestino SAPO.pt::Systems http://www.sapo.pt
--------------------------------------------------------------------- *
Progress (n.): The process through which Usenet has evolved from smart
people in front of dumb terminals to dumb people in front of smart
terminals.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20091130/237d0f4b/attachment.bin
More information about the dovecot
mailing list