No subject


Thu Dec 20 21:04:13 MST 2007


You have attempted to establish a connection with
"www.netsol.com".  However, the security certificate
presented belongs to "www.networksolutions.com".  It
is possible, though unlikely, that someone may be
trying to intercept your communication with this web
site...

And from IE 6.x:

Information you exchange with this site cannot be
viewed or changed by others.  However, there is a
problem with the site's security certificate:
...
The name on the security certificate is invalid or
does not match the name of the site.
...



So the reverse DNS must match in order for SSL not
to issue a warning.

Eric


--- Adam Bultman <adamb at glaven.org> wrote:

> > Besides email, there is another important use for
> > reverse DNS that hasn't been discussed.  When
> > generating an SSL certificate you need to put the
> > name of your server into the certificate request.
> > Then, when users access your site, the reverse DNS
> > entry is compared against this name in the
> > certificate (and in the URL) and if they don't
> > match, a warning is presented to the user.
>
> Um, I don't think so.  The SSL certificate only has
> to match the name of the host you are connecting to.
> If I connect to site www.domain.com, but the SSL cert
> is for www2.domain.com, I'll get an error saying that
> I'm connecting to a site where the cert isn't for the
> destination host.  For example:
> https://www.netsol.com.  It complains about the cert
> being for www.networksolutions.com, not for
> netsol.com.
>
> RDNS information isn't used with SSL certificates,
> only the certificate's hostname and the site you are
> calling up.
>
> I checked on a few sites, and it turns out if they
> don't have RDNS, nothing happens - no errors.
>
> Adam
> 
> 
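The name comparison behind the two browser warnings quoted in this message, as an added example (not code from either poster or from any browser): a simplified matcher in the style of RFC 2818 section 3.1 whose only inputs are the host name taken from the URL and the DNS names listed in the certificate. The function names and the sample certificate name lists are constructed for illustration, and the wildcard handling goes beyond the cases in the thread.

```python
# Added example: certificate name check as a pure function of two inputs,
# the host name the client asked for and the names inside the certificate.
# No IP address or PTR (reverse DNS) record is an input to the comparison.

def _labels(name):
    # DNS names compare case-insensitively; a trailing root dot is ignored.
    return name.rstrip(".").lower().split(".")

def hostname_matches(requested_host, cert_name):
    """True if one certificate name (dNSName or CN) covers requested_host."""
    host, name = _labels(requested_host), _labels(cert_name)
    if len(host) != len(name) or "" in host:
        return False
    if name[0] == "*":
        # Simplification: a wildcard must be the whole left-most label,
        # covers exactly one label, and is refused for names like "*.com".
        if len(name) < 3:
            return False
        return host[1:] == name[1:]
    return host == name

def check_certificate(requested_host, cert_names):
    """Return (ok, message) in the spirit of the warnings quoted above."""
    for name in cert_names:
        if hostname_matches(requested_host, name):
            return True, "%s is covered by %s" % (requested_host, name)
    return False, 'connection to "%s", but certificate belongs to %s' % (
        requested_host, ", ".join('"%s"' % n for n in cert_names))

if __name__ == "__main__":
    # Constructed cases: host typed into the URL, names in the certificate.
    cases = [
        ("www.netsol.com", ["www.networksolutions.com"]),
        ("www.networksolutions.com", ["www.networksolutions.com"]),
        ("www.domain.com", ["www2.domain.com"]),
        ("www.domain.com", ["*.domain.com"]),
        ("a.b.domain.com", ["*.domain.com"]),
    ]
    for host, names in cases:
        ok, message = check_certificate(host, names)
        print("OK      " if ok else "WARNING ", message)
```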



