Sander Striker wrote:
>>From: David Waite [mailto:mass@akuma.org]
>>Sent: Tuesday, April 22, 2003 10:01 AM
>>
>>
>
>
>
>>There are a couple of different options here; you could add a hostname
>>mismatch override for those hosts, using something like the following in
>>the servers config file:
>>
>>[groups]
>>macrology = *.macrology.co.nz
>>
>>[macrology]
>>ssl-ignore-host-mismatch = true
>>
>>You could also generate your own certificate authority certificate, and
>>generate your own wildcard certificate or certificate per host. This
>>would be no less valid for those subdomains.
>>
>>The third and fourth options involve changing code; either a new flag
>>which treats certificates as wildcard certificates, or a server host
>>alias override. I would prefer the fourth option (its a lot less code
>>and appears more valid to me), but would probably want the
>>ssl-ignore-host-mismatch flag to go away if it was added.
>>
>>
>
>My vote would be on handling wildcard certs as wildcard certs. This is
>clearly not a host-mismatch case, since it matches its cert.
>
I believe the original poster wanted a non-wildcard certificate to be
treated as a wildcard certificate.
-David Waite
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 22 10:49:08 2003