Uploaded image for project: 'Gazelle Security Suite'
  1. Gazelle Security Suite
  2. GSS-53

Add a field to enter the subjectAlternativeName in when creating the request certificate.

    Details

    • Type: Story
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.0.0
    • Component/s: PKI
    • Labels:
      None
    • Account:
      Yearly Extensions 2018 (YEARLYEXT2018)

      Description

      The RFC6125 (https://tools.ietf.org/html/rfc6125) recommends

      Move away from including and checking strings that look like
            domain names in the subject's Common Name.

         o Move toward including and checking DNS domain names via the
            subjectAlternativeName extension designed for that purpose:
            dNSName.
         o Move toward including and checking even more specific
            subjectAlternativeName extensions where appropriate for using the
            protocol (e.g., uniformResourceIdentifier and the otherName form
            SRVName).

         o Move away from the issuance of so-called wildcard certificates
            (e.g., a certificate containing an identifier for
            "*.example.com").

      So add that field in the request, and suggest people to use the system hostname in there.

        Attachments

          Activity

            People

            • Assignee:
              yct Youn Cadoret
              Reporter:
              epoiseau Eric Poiseau
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 2 days, 4 hours Original Estimate - 2 days, 4 hours
                2d 4h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 week, 3 days, 2 hours
                1w 3d 2h

                  Potential Duplicates