]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5846c49) | patch
MINOR: ssl: Support SAN extension for certificate generation
authorShimi Gersner <sgersner@microsoft.com>
Sun, 23 Aug 2020 10:58:13 +0000 (13:58 +0300)
committerWilliam Lallemand <wlallemand@haproxy.org>
Tue, 25 Aug 2020 14:36:06 +0000 (16:36 +0200)
commitadabbfe5a446cf5e74d3d5614ee71ec292042c01
treec0a00971a10c54022895ec98600f40dc996e4a08tree | snapshot
parent5846c490ce662076862737c11ffb71e00e71593ecommit | diff
MINOR: ssl: Support SAN extension for certificate generation

The use of Common Name is fading out in favor of the RFC recommended
way of using SAN extensions. For example, Chrome from version 58
will only match server name against SAN.

The following patch adds SAN extension by default to all generated certificates.
The SAN extension will be of type DNS and based on the server name.
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git