[CLUE-Tech] reverse DNS
David L. Willson
DLWillson at TheGeek.NU
Fri Sep 10 21:48:18 MDT 2004
One other use is that many distros are configured to determine their
hostname from Reverse DNS. OK, this is the address I got from DHCP, so I
must be...
Unfortunately, in all networks other than my home one, where I have a
reservation for every box that matters, the name that comes back is usually
from some Win2k or XP box that had the address before.
----- Original Message -----
From: "Adam Bultman" <adamb at glaven.org>
To: <clue-tech at clue.denver.co.us>
Sent: Friday, September 10, 2004 7:03 PM
Subject: Re: [CLUE-Tech] reverse DNS
> >
>>
>>
>>Besides email, there is another important use for
>>reverse DNS that hasn't been discussed. When
>>generating an SSL certificate
>>need to put the name of your server into the
>>certificate request. Then, when users access your
>>site, the reverse DNS entry is compared against this
>>name in the certificate (and in the URL) and if they
>>don't match, a warning is presented to the user.
>>
>>
>>
>>
> Um, I don't think so. The SSL certificate only has to match the name of
> the host you are connecting to. If I connect to site www.domain.com, but
> the SSL cert is for www2.domain.com, I'll get an error saying that I'm
> connecting to a site where the cert isn't for the destination host. For
> example: https://www.netsol.com. It complains about the cert being for
> www.networksolutions.com, not for netsol.com.
> RDNS information isn't used with SSL certificates only the certificate's
> hostname and the site you are calling up.
>
> I checked on a few sites, and it turns out if they don't have RDNS,
> nothing happens - no errors.
> Adam
>
>
> _______________________________________________
> CLUE-Tech mailing list
> Post messages to: CLUE-Tech at clue.denver.co.us
> Unsubscribe or manage your options:
> http://clue.denver.co.us/mailman/listinfo/clue-tech
>
More information about the clue-tech
mailing list