[openssl-users] Subject CN and SANs
Felipe Gasper
felipe at felipegasper.com
Sun Dec 23 02:38:18 UTC 2018
> On Dec 22, 2018, at 9:12 PM, Salz, Rich via openssl-users <openssl-users at openssl.org> wrote:
>
> Putting the DNS name in the CN part of the subjectDN has been deprecated for a very long time (more than 10 years), although it is still supported by many existing browsers. New certificates should only use the subjectAltName extension.
Are any CAs actually doing that? I thought they all still included subject.CN.
-F
More information about the openssl-users
mailing list