> On Dec 22, 2018, at 9:12 PM, Salz, Rich via openssl-users <openssl-users@xxxxxxxxxxx> wrote: > > Putting the DNS name in the CN part of the subjectDN has been deprecated for a very long time (more than 10 years), although it is still supported by many existing browsers. New certificates should only use the subjectAltName extension. Are any CAs actually doing that? I thought they all still included subject.CN. -F -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
