Hi everyone,
What is the difference between the the below two server lines. Is there any security concern by specifying IP address instead of FQDN on server line?
server line with FQDN
server server1 bt-service.abc.com:443 check ssl ca-file @system-ca verify required verifyhost *.abc.com
server line with IP Address
server server1 xx.xx.xx.xx:443 check ssl ca-file @system-ca verify required verifyhost *.abc.com
A certificate was already attached to my backend server and when i execute the below command in my backend server/ instance it gave output as *.abc.com
command:
openssl x509 -noout -subject -in certificate certificate.pub
Is SSL verification process is same in both scenarios?
Thank you in advance !