Re: [squid-users] Intercepting HTTPS with WCCPv2 from Henrik Nordstrom on 2006-12-21 (squid-dev)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Thu, 21 Dec 2006 16:11:18 +0100

tor 2006-12-21 klockan 15:45 +0100 skrev Henrik Nordstrom:

> Certificates can be signed with any name, but the browsers will complain
> if the certificate does not contain the exact requested hostname or a
> matching wildcard either in the DN or in a specific attribute for the
> purpose..

Which means that for a server which likes to advertise itself as
https://ip.of.server/ then the certificate needs to be issued to the IP.

Regards
Henrik

application/pgp-signature attachment: Detta är en digitalt signerad meddelandedel

Received on Thu Dec 21 2006 - 08:11:24 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 30 2006 - 12:00:04 MST