Host Name In Certificate
- Last Updated: September 13, 2024
- 1 minute read
- DataDirect Connectors
- ODBC
- Apache Spark SQL 8.0
- Documentation
Attribute
HostNameInCertificate (HNIC)
Purpose
A host name for certificate validation when SSL encryption is enabled (EncryptionMethod=1) and validation is enabled (ValidateServerCertificate=1). This option provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
Valid Values
host_name | #SERVERNAME#
where:
- host_name
- is the host name specified in the certificate. Consult your SSL administrator for the correct value.
Behavior
If host_name is specified, the driver compares the specified host name to the DNSName value of the SubjectAlternativeName in the certificate. If the certificate does not have a SubjectAlternativeName, the driver compares the host name with the Common Name (CN) part of the certificate. If the values do not match, the connection fails and the driver throws an exception.
If #SERVERNAME# is specified, the driver
compares the server name that is specified in the connection URL or data source of the
connection to the DNSName value of the SubjectAlternativeName in the certificate. If the
certificate does not have a SubjectAlternativeName, the driver compares the host name to the
CN part of the certificate’s Subject name. If the values do not match, the connection fails
and the driver throws an exception. If multiple CN parts are present, the driver validates
the host name against each CN part. If any one validation succeeds, a connection is
established.
Default
None