14 Jan
2010
14 Jan
'10
2:35 p.m.
Philip Guenther wrote:
On Wed, 13 Jan 2010, Michael Ströder wrote:
Howard Chu wrote:
Michael Ströder wrote:
Howard Chu wrote:
Show the output with debugging enabled. Note that "localhost" is treated specially, and will be replaced by the local hostname instead of being used directly in the name comparison.
Why that? I strongly dislike automagic things when doing security checks.
Probably because "localhost" is useless in an actual cert from a remote server.
Yes. But nothing prevents the client from providing the correct hostname.
True, so why didn't you? :-)
I'm not the original poster having an issue.
Ciao, Michael.