With this feature enabled, Web sites with wildcard certificates (consisting of CN entries such as *.mydomain.com) are verified using the main domain (mydomain.com). Verification is evaluated in this sequence:
- Server name check in the "Client Hello" (depends on the browser used)
- Check of the CN in the SSL certificate that you received
- Entries with wildcards are ignored
- If the CN cannot be verified, the field "Alternative Name"is evaluated.
- DNS reverse lookup of the associated IP address and verification of the host name obtained
- If wildcards are included in the certificate, the main domain is checked instead (corresponds to the above function)
- Verification of the IP address
- SNMP ID:
- 2.41.2.2.29
- Console path:
- Setup > UTM > Content Filter > Global settings
- Possible values:
- No
- Yes
- Default:
- No
