Resolution:
Description:
================
Does EMS support the use of certificates with Subject Alternative Name (SAN) extension?

Resolution:
==================
EMS has not been officially tested with the certificates using this particular Subject Alternative Name (SAN) extension. EMS only looks at the DN and does not consider alternative names. Based on our tests, if the Subject Alternative Name(SAN) extension is defined correctly in the certificates, the SSL connection may not fail.

If the Subject Alternative Name(SAN) extension is not generated correctly, for example:
        X509v3 Subject Alternative Name:
            othername:&ltunsupported>

The EMS C client may fail with following error message when trying to create a SSL connection:

“SSL verify error 26: unsupported certifcate purpose”.

The EMS Java client may not fail with the SSL connection. We recommend regenerating the server certificate without Subject Alternative Name (SAN) extension for EMS usage.

Does EMS support the use of certificates with Subject Alternative Name extenstion (SAN)?