Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FTPS does not support subjectAltName attributes in SSL certificates #2856

Closed
cyberduck opened this issue Jan 8, 2009 · 1 comment
Closed

FTPS does not support subjectAltName attributes in SSL certificates #2856

cyberduck opened this issue Jan 8, 2009 · 1 comment
Assignees
@dkocher
Labels
bug fixed ftp-tls FTP (TLS) Protocol Implementation
Milestone
3.1.2

Comments

@cyberduck
Copy link
Collaborator

e4dbe8e created the issue

I love, love, love the Cyberduck but have recently found a bug in the way it evaluates the trustworthiness of SSL certificates. It checks only the Common Name for a match on the server name but ignores the subjectAltName extensions, which are a perfectly valid and common way to secure additional domain names under one certificate. I'd love to see this added to a future Cyberduck update as the alternative is to add a bunch of explicit certificate trusts to your Keychain when working with sites secured this way. Attached are screenshots of what Cyberduck does when connecting to an FTP URL which is secured in the subjectAltName of a certificate with a different Common Name.

cyberduck1.jpg
cyberduck2.jpg

Attachments
@cyberduck
Copy link
Collaborator Author

@dkocher commented

Fixed in c309d63 and cdfeb2d.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dkocher dkocher

Labels
bug fixed ftp-tls FTP (TLS) Protocol Implementation
Projects
None yet
Milestone
3.1.2
Development

No branches or pull requests
2 participants
@dkocher @cyberduck