Mailinglist Archive: opensuse (1690 mails)

< Previous Next >
Re: [opensuse] Configure smtp_auth/postfix/dovecot for mobile device relay - quick howto - request for comment
On 11/08/2011 01:17 AM, Per Jessen wrote:
David C. Rankin wrote:

<snip>
# Common Name (*.example.com is also possible)
CN=*.yourTLD.com

Why not use the actual hostname?



It really has to do with CNAME or server aliases in /etc/hosts. Say one box is also known as 'www.yourTLD.com', 'hostname.yourTLD.com', 'ftp.yourTLD.com', 'mail.yourTLD.com', etc... My understanding is the '*.example.com' CN prevents any potential conflict from a cert standpoint when SSL/TLS authentication is invoked from the different servers (ssh, sftp, saslauthd, https, etc...)

I've never really gotten a concise "why?" answer, but that is my best guestimate at the legitimate reason why...

Anybody else with more info on this, please chime in, I'm curious as well...

--
David C. Rankin, J.D.,P.E.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups