Quanah Gibson-Mount wrote:
--On Wednesday, May 10, 2017 4:21 PM +0100 Howard Chu <hyc@symas.com> wrote:
No. One or the other must match, but the CN must be an FQDN. The point of alternatives is to support wildcards, aliases, and non-DNS name forms (such as IP address).
RFC reference?
RFC 6125 which in turn mentions RFC 4513.
Sorry but that makes no sense. "localhost" is 127.0.0.1. Always.
Wish that were true, but I've come across installations where that wasn't the case (I've seen 127.0.0.2, for example). Also, on an IPv6-only machine, it could be ::1 (although again, I've seen it be other IPv6 addresses as well).
AFAIK 127.0.0.2 is used by some Linux distributions for a hostname != 'localhost' with non-networked status.
Ciao, Michael.