Updated Certificate Authority (markdown)

dn42 wiki commited 2015-02-15 13:12:18 +0000 commit 421d80b6f0e076c57b809cd8189df282f46a6bf3

services/Certificate-Authority.md

@@ -56,12 +56,12 @@ The following sites have been set up to demonstrate the CA failing to sign arbit

 They all use the same certificate, that should be regarded invalid by whatever software you use because of

 ```

- Subject: CN=badkey.sour.is

-[...]

 X509v3 Subject Alternative Name: 

- DNS:badkey.sour.is, DNS:badkey.xuu.me, DNS:badkey.xuu.dn42, DNS:*

+ DNS:badkey.internal.dn42, DNS:badkey.sour.is, DNS:badkey.xuu.me, DNS:google.com, DNS:*.com, DNS:*.*

+

 ```

+even though the subject says `CN=badkey.internal.dn42`, which would be allowed.

 ## Importing the certificate

...	...	@@ -56,12 +56,12 @@ The following sites have been set up to demonstrate the CA failing to sign arbit
56	56
57	57	They all use the same certificate, that should be regarded invalid by whatever software you use because of
58	58	```
59		- Subject: CN=badkey.sour.is
60		-[...]
61	59	X509v3 Subject Alternative Name:
62		- DNS:badkey.sour.is, DNS:badkey.xuu.me, DNS:badkey.xuu.dn42, DNS:*
	60	+ DNS:badkey.internal.dn42, DNS:badkey.sour.is, DNS:badkey.xuu.me, DNS:google.com, DNS:.com, DNS:.*
	61	+
63	62
64	63	```
	64	+even though the subject says `CN=badkey.internal.dn42`, which would be allowed.
65	65
66	66	## Importing the certificate
67	67