[asterisk-bugs] [JIRA] (ASTERISK-25063) [patch]add X.509 subject alternative name support to Asterisk TLS support
Friendly Automation (JIRA)
noreply at issues.asterisk.org
Wed Nov 16 13:17:10 CST 2016
[ https://issues.asterisk.org/jira/browse/ASTERISK-25063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=233773#comment-233773 ]
Friendly Automation commented on ASTERISK-25063:
------------------------------------------------
Change 4451 merged by Joshua Colp:
Add X.509 subject alternative name support to TLS certificate verification.
[https://gerrit.asterisk.org/4451|https://gerrit.asterisk.org/4451]
> [patch]add X.509 subject alternative name support to Asterisk TLS support
> -------------------------------------------------------------------------
>
> Key: ASTERISK-25063
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25063
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Core/General
> Reporter: Maciej Szmigiero
> Assignee: Rusty Newton
> Severity: Minor
> Target Release: 14.0.0
>
> Attachments: asterisk-cert-alt-names.patch
>
>
> This patch adds X.509 subject alternative name support to Asterisk TLS support.
> This way one X.509 certificate can be used for hosts that can be reached under multiple DNS names or for multiple hosts.
> Currently the code seems to accept multiple subject (CN) fields instead, however according to Mozilla this is not a correct behavior as only the most specific one should be used: https://bugzilla.mozilla.org/show_bug.cgi?id=380656
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list