Re: Subject CN and SANs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Salz, Rich via openssl-users <openssl-users@xxxxxxxxxxx> wrote:
    > Putting the DNS name in the CN part of the subjectDN has been
    > deprecated for a very long time (more than 10 years), although it
    > is still supported by many existing browsers. New certificates
    > should only use the subjectAltName extension.

Fair enough.

It seems that the "openssl ca" mechanism still seem to want a subjectDN
defined.  Am I missing some mechanism that would let me omit all of that?  Or
is a patch needed to kill what seems like a current operational requirement?

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@xxxxxxxxxxxx  http://www.sandelman.ca/        |   ruby on rails    [

Attachment: signature.asc
Description: PGP signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux