6

我只是想知道 YouTube SSL 证书是如何工作的,因为它说它是发给 *.google.com 的。

我认为通配符 SSL 证书仅适用于子域?

在此先感谢弗朗西斯

4

1 回答 1

11

证书中的通用名称 (CN) 仅在不存在 DNS 主题备用名称时使用(请参阅RFC 2818 第 3.1 节)。当存在 SAN 时,它们中的任何一个都可以很好地识别服务器。YouTube 使用的证书具有所有这些:

DNS Name: *.google.com
DNS Name: *.android.com
DNS Name: *.appengine.google.com
DNS Name: *.cloud.google.com
DNS Name: *.google-analytics.com
DNS Name: *.google.ca
DNS Name: *.google.cl
DNS Name: *.google.co.in
DNS Name: *.google.co.jp
DNS Name: *.google.co.uk
DNS Name: *.google.com.ar
DNS Name: *.google.com.au
DNS Name: *.google.com.br
DNS Name: *.google.com.co
DNS Name: *.google.com.mx
DNS Name: *.google.com.tr
DNS Name: *.google.com.vn
DNS Name: *.google.de
DNS Name: *.google.es
DNS Name: *.google.fr
DNS Name: *.google.hu
DNS Name: *.google.it
DNS Name: *.google.nl
DNS Name: *.google.pl
DNS Name: *.google.pt
DNS Name: *.googleapis.cn
DNS Name: *.googlecommerce.com
DNS Name: *.gstatic.com
DNS Name: *.urchin.com
DNS Name: *.url.google.com
DNS Name: *.youtube-nocookie.com
DNS Name: *.youtube.com
DNS Name: *.youtubeeducation.com
DNS Name: *.ytimg.com
DNS Name: android.com
DNS Name: g.co
DNS Name: goo.gl
DNS Name: google-analytics.com
DNS Name: google.com
DNS Name: googlecommerce.com
DNS Name: urchin.com
DNS Name: youtu.be
DNS Name: youtube.com
DNS Name: youtubeeducation.com
于 2013-08-15T18:38:57.270 回答