> Just to explain why I need this: I run services on a laptop that has
> several different names, depending on whether it's on our wireless
> network, connected to a hardwire ethernet, or at home connected via
> our hardware VPN system (where it could potentially have four
> different names, depending on how it's plugged in). But when my Java
> client connects to one of them, using HTTP over SSL, it insists on
> verifying the the service the way RFC 2818 says to (actually, it
> doesn't say to; it's an informational RFC). But, of course, since the
> name of the machine has changed, the cert for the service has changed
> as well. To work around this, the server is notified of network
> changes, and tries to figure out the name of the machine, and pick the
> right cert. To know only the local name, without the FQDN, which
> seems to be the default on a Mac, is useless. But there also doesn't
> seem to be any reliable way to *obtain* the current FQDN on a Mac,
> certainly not from Java. In fact, I gave up trying to figure it out
> from Java; instead, I run a Python script from Java which tries to
> figure it out, and returns the result to Java.
>
> Bill
If your server machine has potentially several names, why don't you just
purchase a wildcard cert? It's easier to manage and typically more
economical too. So in all cases your server will return a cert for
*.mydomain.com so it doesn't matter what hostname (ftp.mydomain.com,
www.mydomain.com) the client has attempted to reach.
--
Marko Hantula
DB Solo - The SQL Query Tool
www.dbsolo.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
This email sent to email@hidden
