[CLUE-Tech] reverse DNS
Adam Bultman
adamb at glaven.org
Fri Sep 10 19:03:16 MDT 2004
>
>
>
>Besides email, there is another important use for
>reverse DNS that hasn't been discussed. When
>generating an SSL certificate
>need to put the name of your server into the
>certificate request. Then, when users access your
>site, the reverse DNS entry is compared against this
>name in the certificate (and in the URL) and if they
>don't match, a warning is presented to the user.
>
>
>
>
>
Um, I don't think so. The SSL certificate only has to match the name
of the host you are connecting to. If I connect to site www.domain.com,
but the SSL cert is for www2.domain.com, I'll get an error saying that
I'm connecting to a site where the cert isn't for the destination host.
For example: https://www.netsol.com. It complains about the cert being
for www.networksolutions.com, not for netsol.com.
RDNS information isn't used with SSL certificates only the
certificate's hostname and the site you are calling up.
I checked on a few sites, and it turns out if they don't have RDNS,
nothing happens - no errors.
Adam
More information about the clue-tech
mailing list