skip to main content
Connection Option Descriptions : Host Name In Certificate
  

Try DataDirect Drivers Now

Host Name In Certificate

Attribute

HostNameInCertificate (HNIC)

Purpose

A host name for certificate validation when SSL encryption is enabled (Encryption Method=1) and validation is enabled (Validate Server Certificate=1). This option provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
This information pertains to WindowsFor Windows platforms, the values specified for security-related options when creating a data source determine the behavior of both the driver and the Schema Tool.
This information pertains to UNIX and Linux.To fully enable SSL on UNIX and Linux platforms, you must specify values for security-related options separately for the driver and the Schema Tool. For the driver, these values are specified in the data source or connection string used to configure the driver. For the Schema Tool, these values are specified when creating a schema definition with the Table Wizard. See "Using Security with the Schema Tool" for details.

Valid Values

host_name | #SERVERNAME#
where:
host_name
is the host name specified in the certificate. Consult your SSL administrator for the correct value.

Behavior

If set to a host name, the driver examines the subjectAltName values included in the certificate. If a dnsName value is present in the subjectAltName values, then the driver compares the value specified for Host Name In Certificate with the dnsName value. The connection succeeds if the values match. The connection fails if the Host Name In Certificate value does not match the dnsName value.
If no subjectAltName values exist or a dnsName value is not in the list of subjectAltName values, then the driver and/or Schema Tool compares the value specified for Host Name In Certificate with the commonName part of the Subject name in the certificate. The commonName typically contains the host name of the machine for which the certificate was created. The connection succeeds if the values match. The connection fails if the Host Name In Certificate value does not match the commonName.
If multiple commonName parts exist in the Subject name of the certificate, the connection succeeds if the Host Name In Certificate value matches any of the commonName parts.

Default

None

GUI Tab

Security tab