What's the difference between server.certificate.hostname and server.certificate.subject policy condition.
Article ID: 168231
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
Those two conditions are triggered Subject field in certificate, both. However, if certificate has Subject Alternative Name (SAN) in inside, server.certificate.hostname hits the top of the DNS name.
For example, attached certificate here,
----
<ssl>
server.certificate.subject = ".vo.msecnd.net" allow
server.certificate.hostname=".adn.azureedge.net" allow
-----
Both policy rule should match and allow for accessing to https://az216772.vo.msecnd.net site.
For example, attached certificate here,
----
<ssl>
server.certificate.subject = ".vo.msecnd.net" allow
server.certificate.hostname=".adn.azureedge.net" allow
-----
Both policy rule should match and allow for accessing to https://az216772.vo.msecnd.net site.
Cause
Attachments
Feedback
Powered by
