This is a cryptographically signed message in MIME format.
--
Tony Earnshaw wrote:
>
> subjectAltName gives you the opportunity of using more than one subject
> CN (common name) in a host certificate.
Well this works fine. I use with my own openssl CA
# while request
commmonName = mx.cscc.de
and
# while signing the request
subjectAltName = DNS:smtp.cscc.de
> If you're using Openssl to generate self-signed certificates:
No I use my own Root CA with intermediate Server and User CA to
sign Server certs and User(email, codesigning, authorized clients)
certs.
> a: Internet search on "subjectAltName" and PKIX
> b: 'less openssl.cnf', look for "subjectAltName"
> c: 'man x509', 'man ca', look for "subject"
The last two will not cover the whole picture... ;-) but a.) :-)
> If you're using a commercial CA, you could experience difficulty in
> getting the issuer to implement subjectAltName; moreover it's possible
> that old client versions might not understand it.
Mozilla 1.6 works fine with subjectAltName
--
Best regards Uwe
--
Content-Description: S/MIME Cryptographic Signature
[ smime.p7s of type application/x-pkcs7-signature deleted ]
--