Host Name In Certificate
- Last Updated: August 22, 2023
- 1 minute read
- Hybrid Data Pipeline
- Version 5.0
- Documentation
Attribute
HostNameInCertificate (HNIC)
Purpose
A host name that is validated against the information stored in an
SSL certificate when validation is enabled (ValidateServerCertificate=1). This option provides additional security against
man-in-the-middle (MITM) attacks by ensuring that the server the driver is
connecting to is the server that was requested. This option is only valid when SSL
encryption is enabled.
Valid values
host_name | #SERVERNAME#
- host_name
- is the host name specified in the certificate. Consult your SSL administrator for the correct value.
Behavior
If the value is set to a host name, the driver examines the subjectAltName values included in the certificate. If a dnsName value is present in the subjectAltName values, then the driver compares the value specified for Host Name In Certificate with the dnsName value. The connection succeeds if the values match. The connection fails if the Host Name In Certificate value does not match the dnsName value.
If no subjectAltName values exist or a dnsName value is not in the list of subjectAltName values, then the driver compares the value specified for Host Name In Certificate with the commonName part of the Subject name in the certificate. The commonName typically contains the host name of the machine for which the certificate was created. The connection succeeds if the values match. The connection fails if the Host Name In Certificate value does not match the commonName.
If multiple commonName parts exist in the Subject name of the certificate, the connection succeeds if the Host Name In Certificate value matches any of the commonName parts.
Default
None
GUI tab
Security tab
See also
Data encryption