Subject Alternative Name: Difference between revisions
Content deleted Content added
Sammi Brie (talk | contribs) Adding local short description: "Allows various names to be associated with a security certificate", overriding Wikidata description "allowing various names to be associated with a security certificate" |
Moved content to Public key certificate as bold continuation of old proposal Tag: New redirect |
||
| Line 1: | Line 1: | ||
#REDIRECT [[Public key certificate#Subject Alternative Name certificate]] |
|||
{{Short description|Allows various names to be associated with a security certificate}} |
|||
{{primary sources|date=May 2016}} |
|||
[[File:Subject Alt Names on Firefox 90 screenshot.png|thumb|300px|right|An example of a Subject Alternative Name section for domain names owned by the [[Wikimedia Foundation]]]] |
|||
'''Subject Alternative Name''' ('''SAN''') is an [[X.509#Extensions informing a specific usage of a certificate|extension]] to [[X.509]] that allows various values to be associated with a security certificate using a <code>subjectAltName</code> field.<ref>{{cite web |
|||
| url=https://www.openssl.org/docs/manmaster/man5/x509v3_config.html#Subject-Alternative-Name |
|||
| title=x509v3_config - X509 V3 certificate extension configuration format |
|||
| publisher=[[OpenSSL]] |
|||
| access-date=2020-01-16}}</ref> These values are called ''Subject Alternative Names'' (SANs). Names include:<ref>{{IETF RFC|5280}}: 4.2.1.6. Subject Alternative Name</ref> |
|||
{{Rcatsh| |
|||
* [[Email addresses]] |
|||
{{R to section}} |
|||
* [[IP address]]es |
|||
{{R from merge}} |
|||
* [[URI]]s |
|||
}} |
|||
* [[DNS name]]s: this is usually also provided as the Common Name [[Distinguished Name#Directory structure|RDN]] within the Subject field of the main certificate. |
|||
* Directory names: alternative [[Distinguished Name#Directory structure|Distinguished Names]] to that given in the Subject. |
|||
* Other names, given as a ''General Name'' or ''Universal Principal Name'': a registered [[object identifier]] followed by a value. |
|||
{{IETF RFC|2818}} (May 2000) specifies Subject Alternative Names as the preferred method of adding DNS names to certificates, deprecating the previous method of putting DNS names in the <code>commonName</code> field.<ref name="chrome58">{{cite web |url=https://developers.google.com/web/updates/2017/03/chrome-58-deprecations#remove_support_for_commonname_matching_in_certificates |title=Deprecations and Removals in Chrome 58 |last=Medley |first=Joseph |date=March 2017 |publisher=Google Developers |access-date=2022-01-04 }}</ref> [[Google Chrome]] version 58 (March 2017) removed support for checking the <code>commonName</code> field at all, instead only looking at the SANs.<ref name="chrome58" /> |
|||
==See also== |
|||
* [[Wildcard certificate]] |
|||
==References== |
|||
{{Reflist}} |
|||
[[Category:Public-key cryptography]] |
|||
{{crypto-stub}} |
|||
Latest revision as of 17:34, 3 September 2024
This page is a redirect. The following categories are used to track and monitor this redirect:
|