Subject Alternative Name
Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field.[1] These values are called Subject Alternative Names (SANs). Names include:[2]
- Email addresses
- IP addresses
- URIs
- DNS names: this is usually also provided as the Common Name RDN within the Subject field of the main certificate.
- Directory names: alternative Distinguished Names to that given in the Subject.
- Other names, given as a General Name or Universal Principal Name: a registered object identifier followed by a value.
An example of a Subject Alternative Name section for domain names owned by the Wikimedia Foundation
RFC 2818 (May 2000) specifies Subject Alternative Names as the preferred method of adding DNS names to certificates, deprecating the previous method of putting DNS names in the commonName field.[3] Google Chrome version 58 (March 2017) removed support for checking the commonName field at all, instead only looking at the SANs.[3]
See also
References
- "x509v3_config - X509 V3 certificate extension configuration format". OpenSSL. Retrieved 2020-01-16.
- RFC 5280: 4.2.1.6. Subject Alternative Name
- Medley, Joseph (March 2017). "Deprecations and Removals in Chrome 58". Google Developers. Retrieved 2022-01-04.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.