[cabfpub] .well-known and re-directs
Jeremy Rowley
jeremy.rowley at digicert.com
Tue Jul 18 18:35:30 UTC 2017
We recently encountered a reoccurring scenario while using .well-known to
validate a certificate. The customer is trying to validate basedomain.com
using http://basedomain.com/.well-known/pki-validation/[page
<http://basedomain.com/.well-known/pki-validation/%5bpage> ]. However, the
server redirects this to
https://www.basedomain.com/.well-known.pki-valdiation/[page
<https://www.basedomain.com/.well-known.pki-valdiation/%5bpage> ] Because
basedomain.com cannot be used to verify www.basedomain.com
<http://www.basedomain.com> , the validation fails. Is this the correct
result? Or is a returned random value through a re-direct sufficient to
verify the base domain?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170718/d58465ad/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4964 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/public/attachments/20170718/d58465ad/attachment.p7s>
More information about the Public
mailing list