Summary: | add support for Subject Alternate Name (SAN) | ||||||
---|---|---|---|---|---|---|---|
Product: | Claws Mail (GTK 2) | Reporter: | Pd <claws-mail> | ||||
Component: | Other | Assignee: | users | ||||
Status: | RESOLVED WORKSFORME | ||||||
Severity: | enhancement | ||||||
Priority: | P3 | ||||||
Version: | 3.13.2 | ||||||
Hardware: | PC | ||||||
OS: | Linux | ||||||
Attachments: |
|
Description
Pd
2016-05-17 19:36:17 UTC
Created attachment 1647 [details]
Screenshot
We already check Subject Alternate Names. Function gnutls_x509_crt_check_hostname() is used, which does that implicitly. I just tested a connection against a server which uses a different Subject CN, and a few SANs, and it worked just fine, server name matching one of the SANs. You can load your CA to your system's CA list (/etc/ssl for most Linux distributions). |