Mon Mar 3 22:22:53 UTC 2014

Quoting Dave Brockman <dave at brockmans.com>:

>> I'd have to test that, though.
> Does HTTP even do a RDNS lookup?  If you want the cert valid when you
> access via IP address, the IP address needs to be either the CN or in

I just ran a quick test (and you are correct):

create two certs using my CA:


each server cert is a pair of server.pem and server.key, where key is
an RSA 1024-bit key.

[server command]
openssl s_server -CAfile cacert.pem -cert server.pem -key server.key  -www -4


URL            CERT       RESULT
============== ========== ============
url1           cert1      OK
url2           cert1      WARNING
url1           cert2      WARNING
url2           cert2      OK
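
Added example, not part of the original post: a small model of the name check a client performs, showing that only the literal host from the URL is compared with the certificate's names and that no DNS or reverse-DNS lookup is involved. The host name, IP address, port, and the dict layout used for a certificate are constructed sample values, and the rule that the CN is consulted only when no subjectAltName entries exist is an assumption of this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

def _as_ip(text):
    """Return an ip_address object, or None if text is not an IP literal."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None

def name_matches(host, name):
    """Compare the host taken from the URL with one name from the cert."""
    host_ip, name_ip = _as_ip(host), _as_ip(name)
    if host_ip is not None or name_ip is not None:
        # An IP only matches the same IP; compare parsed values so that
        # different spellings of one IPv6 address are treated as equal.
        return host_ip == name_ip
    return host.lower().rstrip(".") == name.lower().rstrip(".")

def check_url(url, cert):
    """Return 'OK' or 'WARNING' for a URL against a certificate's names.

    cert is a dict with 'cn' and an optional 'san' list (constructed model,
    not a parsed X.509 structure). Nothing is resolved: the host is used
    exactly as it was typed in the URL.
    """
    host = urlsplit(url).hostname
    names = cert.get("san") or [cert["cn"]]   # assumption: CN only if no SAN
    return "OK" if any(name_matches(host, n) for n in names) else "WARNING"

# Constructed sample values: one URL by name, one by IP address.
URLS = {"url1": "https://server.example.test:4433/",
        "url2": "https://192.0.2.10:4433/"}
CERTS = {"cert1": {"cn": "server.example.test"},
         "cert2": {"cn": "192.0.2.10"}}

def result_table():
    """Run every URL against every cert, in the order of the table above."""
    return [(u, c, check_url(URLS[u], CERTS[c]))
            for c in ("cert1", "cert2") for u in ("url1", "url2")]

if __name__ == "__main__":
    for row in result_table():
        print("%-14s %-10s %s" % row)
```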


