[Swan] subdomain certs not accepted
Andrew Cagney
andrew.cagney at gmail.com
Tue Jan 16 23:52:24 EET 2024
On Tue, 16 Jan 2024 at 14:45, Paul Wouters <paul at nohats.ca> wrote:
>
> On Jan 16, 2024, at 13:51, Marc <Marc at f1-outsourcing.eu> wrote:
> >
> > Working with the CA of the example on this page[1]
> >
> > certutil -S -x -n "Example CA" -s "O=Example,CN=Example CA" \
> > -k rsa -g 4096 -v 12 -d sql:${HOME}/tmpdb -t "CT,," -2
> >
> > certs xxx.example.com are accepted however aaa.bbbb.example.com seem to be reject.
>
> Why? Did you specify constrains in the rightid= ?
>
> > This is not really logged, is it possible to have this logged?
>
> Can you show the full log of what you see? All rejections are logged.
I suspect I've seen this, can you file a bug with the example and add
the tag logging.
More information about the Swan
mailing list