Need to compare client certificate CN with an entry in /etc/hosts

Steve Holdoway steve at greengecko.co.nz
Tue Nov 26 22:55:19 UTC 2013


Well, this has absolutely nothing to do with nginx, but 

openssl x509 -in <your cert> -text -noout

will tell you which domain ( or hostname ) the certificate is for.

Steve

On Tue, 2013-11-26 at 22:48 +0000, Radha Venkatesh (radvenka) wrote:
> Jonathan,
> 
> The requirement is that we match an existing hostname entry in /etc/hosts with the Client certificate CN (CN has to be the hostname of the client).
> 
> Thanks,
> Radha.
> 
> -----Original Message-----
> From: nginx-bounces at nginx.org [mailto:nginx-bounces at nginx.org] On Behalf Of Jonathan Matthews
> Sent: Tuesday, November 26, 2013 11:55 AM
> To: nginx at nginx.org
> Subject: Re: Need to compare client certificate CN with an entry in /etc/hosts
> 
> On 26 November 2013 19:19, Radha Venkatesh (radvenka)
> <radvenka at cisco.com> wrote:
> > we have to match the client certificate CN with an
> > existing entry in /etc/hosts.
> 
> Please could you specify *exactly* what you need to ensure matches?
> It's not obvious (to me!), given what you wrote and given the minimal
> information available in /etc/hosts.
> 
> Jonathan
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
Steve Holdoway BSc(Hons) MIITP
http://www.greengecko.co.nz
Linkedin: http://www.linkedin.com/in/steveholdoway
Skype: sholdowa



More information about the nginx mailing list