sslsniff icon indicating copy to clipboard operation
sslsniff copied to clipboard

Published 20 hours ago verified publisher icon moxie0

Parse CN from DN using OpenSSL facilities

Open droe opened this issue 13 years ago • 1 comments

Use OpenSSL facilities to parse the CN from the DN. This allows to correctly parse certificates which have additional DN components after the CN, such as "emailAddress". The manual parsing included additional components following the CN as part of the common name, which in turn lead to DNS lookups for malformed domain names such as "www.example.com/[email protected]".

Fixes issue #12 reported by ju916

droe avatar Feb 01 '12 23:02 droe

In my view, the behavior of openssl req (LibreSSL 2.8.3) which appends email to the CN is a bug, as it leads browsers like Chrome to report "Your connection is not private" and NET::ERR_CERT_COMMON_NAME_INVALID.

artgoldberg avatar Jun 22 '22 14:06 artgoldberg