Previous page Section 3.11.28. TLS_CertificateVerifyFailedHook Section 3.11.29. TLS_SRVName (251 / 1718)   Table of Contents Section 3.11.30. TLS_UseCADefaultLocations Next page

3.11.29. TLS_SRVName Previous topic Parent topic Child topic Next topic

TLS_SRVName is intended for use by <AuthBy RADSEC> and <AuthBy DNSROAM> to specify a DNS SRV Name that is matched against possible SubjectAltName:SRV extensions in the peer certificate. If TLS_SRVName is specified and the peer certificate contains SubjectAltName:SRV extensions, none of which match TLS_SRVName, the certificate is not accepted.
Format is _service._transport.name (this is the same format SRV names appear in DNS records). Only service and name are matched.
TLS_SRVName _radsec._tcp.example.com
Previous page Section 3.11.28. TLS_CertificateVerifyFailedHook Section 3.11.29. TLS_SRVName (251 / 1718)   Table of Contents Section 3.11.30. TLS_UseCADefaultLocations Next page