Public CA do not allow internal names and reserved IP address any more

With November 2015 public CAs do not issue new certificates that uses internal names or reserved IP addresses in subjectAltName or in commonName. Furthermore such certificates will be revoked on October 1st, 2016.

Internal names are hostnames that do not end with an Top Level Domain ending (.com, .de, …). For example: .local, .internal. Also NetBIOS names without any domain extension are affected.

Reserved IP addresses are defined by Internet Assigned Numbers Authority (IANA). You can look reservations for IPv4 here  (RFC 1918 range) and IPv6 here (RFC 4193 range).

If you are using an internal CA you are not affected. For more information about this change of public CAs click here. For more information about VMware products click here.

Advertisements
Public CA do not allow internal names and reserved IP address any more

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s