 Posted 2/10/2010 3:08:25 PM
|
|
|
|
| I am using OpenSSL to create a self sign certificate and have a need to add approximately 4000, yes 4000, DNS entries (don't ask why) using Subject Alternative Name. I have succeeded in creating a certificate with 500 DNS entries and it works just fine with no noticeable latency accessing the web sites listed via the SAN in the certificate. However, I run into a problem when I create a certificate with more than 500 SAN entries. OpenSSL creates the certificate and there are no indications of any problems. After installing the new certificate, however, I can no longer access any of the sites where the certificate is installed. I've read RFC3280 and there is no mention of a maximum for SAN entries. Has anyone had any experience with this or do you have any ideas? Thanks for any help.
|
|
|
|