You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a wildcard certificate for *.xxx.xx and it is rejected when matched against aaa.xxx.xx. The relevant code is in x509-validation/Data/X509/Validation.hs:
wildcardMatch l
-- <star>.com or <star> is always invalid|length l <2= [InvalidWildcard]
-- some TLD like .uk got small subTLD like (.co.uk), and we don't want to accept *.co.uk|length (head l) <=2&&length (head$drop1 l) <=3&&length l <3= [InvalidWildcard]
| l ==take (length l) (reverse$ splitDot fqhn) =[]-- success: we got a match|otherwise= [NameMismatch fqhn]
There are many two-characters TLDs under which ordinary people can register three-letter domains.
The text was updated successfully, but these errors were encountered:
I have a wildcard certificate for
*.xxx.xx
and it is rejected when matched againstaaa.xxx.xx
. The relevant code is inx509-validation/Data/X509/Validation.hs
:There are many two-characters TLDs under which ordinary people can register three-letter domains.
The text was updated successfully, but these errors were encountered: