Re: [fw-wiz] netscreen 25 sofaware ipsec interop

From: Ng Pheng Siong (
Date: 01/11/04

  • Next message: Johnny J.: "[fw-wiz] using AAA for NAT accounting"
    To: "R. DuFresne" <>
    Date: Sun, 11 Jan 2004 20:37:58 +0800

    On Tue, Jan 06, 2004 at 10:18:54AM -0500, R. DuFresne wrote:
    > how does one create a cert for a dynamic IP?

    Wildcard CN, e.g.,

     Subject: C=SG, O=The Net Memetic Pte Ltd,

    The dynamic IPs PTR back to, say,, and you create
    certs with CN=*

    Verification is entirely up to the relying application, of course.


    Ng Pheng Siong <> -+- Firewall Change Management & Version Control -+- Open Source Python Crypto & SSL
    firewall-wizards mailing list

  • Next message: Johnny J.: "[fw-wiz] using AAA for NAT accounting"

    Relevant Pages

    • Re: ssl certificate error/warning with rpc over http (outlook anywhere) 2007 exchange/outlook...
      ... You don't need a wildcard cert, but you do either need a SAN cert with multiple names on it, or you need to set up another IIS virtual server and use a normal cert with the autodiscover name. ... except that users get a certificate warning about a mismatch on ... I have no interest at this point in getting a wildcard ssl ...
    • Re: Remote App slow to access
      ... I fixed the cert problem thoby telling TS to accept the wildcard cert...must ... I am using a wildcard certificate and coming in via ISA (all the ...
    • Re: Wildcard SSL Implementation
      ... You can have a wildcard DNS name - for sure, and if you can get a wildcard ... SSL cert then it'll work. ...
    • Multiple SSLs on the same IIs server
      ... I need to add a site that doesn't fit the wildcard naming scheme. ... I have read that I need a unique IP address for the site so the users will be given the right ssl cert when they browse the site. ... Is there another way or would I need a single IP for every single site that has its own ssl? ...