Overview#Subject Alternative Name (subjectAltName or SAN) attribute is an Certificate Extensions to X.509 that allows additional Certificate Subject names to be associated with certificate.
Subject Alternative Name MAY include:
- Email addresses
- IP Address
- DNS names (alternatives to the Common Name)
- directory names (alternatives to the Distinguished Names)
- other objects, given as a registered Object Identifier followed by a value
Subject Alternative Name and IP Address#RFC 5280 section 18.104.22.168 specifies iPAddress alternative name format, designed to hold dotted quads (IPv4) or 16 octets (IPv6).
You can specify a dotted quad in a dNSName field of the SAN. To quote RFC 5280:
The name MUST be in the "preferred name syntax", as specified by Section 3.5 of RFC 1034 and as modified by Section 2.1 of RFC 1123 The latter suggests that software should be tolerant of finding IP addresses in "host name" fields:
Whenever a user inputs the identity of an Internet host, it SHOULD be possible to enter either
- (1) a host domain name or
- (2) an IP address in dotted-decimal ("#.#.#.#") form.
- MSIE and MS Edge
- Python 2.
More Information#There might be more information for this subject on one of the following:
- Certificate Extensions
- Certificate Subject
- Certificate Validation
- Example Certificate
- OpenSSL Commands
- Site Certificate