Host Name In Certificate
- Last Updated: September 13, 2024
- 1 minute read
- DataDirect Connectors
- ODBC
- Progress Openedge 8.0
Attribute
HostNameInCertificate (HNIC)
Purpose
A host name for certificate validation when TLS/SSL encryption is enabled
(EncryptionMethod=1) and validation is enabled
(ValidateServerCertificate=1). This option provides additional security
against man-in-the-middle (MITM) attacks by ensuring that the server the driver is
connecting to is the server that was requested.
Valid Values
host_name |
#SERVERNAME#
where:
- host_name
- is the host name specified in the certificate. Consult your TLS/SSL administrator for the correct value.
Behavior
If set to a host name, the driver compares the specified host name to the DNSName value of the SubjectAlternativeName in the certificate. If the certificate does not have a SubjectAlternativeName, the driver compares the host name with the Common Name (CN) part of the certificate. If the values do not match, the connection fails and the driver throws an exception.
If set to #SERVERNAME#, the driver compares the server
name that is specified in the connection URL or data source of the connection to the DNSName
value of the SubjectAlternativeName in the certificate. If the certificate does not have a
SubjectAlternativeName, the driver compares the host name to the CN part of the
certificate’s Subject name. If the values do not match, the connection fails and the driver
throws an exception. If multiple CN parts are present, the driver validates the host name
against each CN part. If any one validation succeeds, a connection is established.
Default
No default value