Univention Bugzilla – Bug 44639
Include DNS Alias in SSL Certificate
Last modified: 2019-09-12 09:01:43 CEST
Currently only the FQDN (CNAME) is part of the SSL Certificate. It would be awesome when also Aliases are included. This should be the default.
Already implemented via Bug #44469. But currently there is a race condition, which breaks the process in some cases: - during the join the computer account and its DNS records are created. - it needs time to get BIND to reload the modified zone, which happens asynchronously in the background and is delayed by UDLs 15s postrun phase. - the certificate gets created before that is finished and might miss some CNAMEs. *** This bug has been marked as a duplicate of bug 44469 ***