SSL wildcard certificate support

[qc7]

Hi,

I have very recently began trialling Plastic and thus far I am extremely impressed! This really does seem to be (one of, at least) the best out there. I really like the paradigm behind the whole system.

One relatively minor issue I have encountered (but it's very simple to fix!) is to do with the SSL secure certificate support.

I have configured a CA certificate to be used, but it's a wildcard certificate which means the common name (CN) is *.domain.com instead of just domain.com.

While Plastic SCM does allow it to be used, and all communication is secure, when first launching the application a dialog pops up with the following :-

WARNING: the hostname provided in the server certificate doesn't match the server's hostname. This means that the certificate was not issued to this hostname or that there is a network configuration problem with this host.

- Certificate hostname: CN=*.domain.com

- Server hostname: CN=host.domain.com

If you want to continue connecting to this host, choose 'Yes'. The certificate validation will continue (not recommended).

If you want to abandon the connection, choose 'No' (recommended).

As I said, this pops up every time the application is started (or a new/different connection initiated within the app) so it's a bit annoying and would be so easy to fix. The developers simply need to correctly handle the meaning of *. at the beginning of a CN, just like all modern browsers do.

I look forward to continuing my journey with Plastic and judging by what I've read thus far, with Codice being super responsive to issues and this being simple to resolve, I also look forward to a fix in the next external release.

Thanks again for creating such an awesome SCM.

Regards.

[manu]

Hi qc7!

Thanks for the suggestion! we will take it into account. Can you please add the idea into the user voice system? The top ideas of the webpage are implemented in the newer releases: http://plasticscm.uservoice.com/forums/15467-general

[qc7]

Thanks manu! Done!

For anyone that cares about security and remote access, please vote for this:

http://plasticscm.us...ificate-support

[manu]

Thanks for adding it!

Let's vote it!

[psantosl]

Just as a reminder to anyone visiting this: this is no longer an issue. If it was ever a problem (we are not even sure), it is no longer an issue.

We tested wildcard certificates on our servers again today, and weren't able to repro any issues. No questions are asked to the user and everything seems to work fine.