3.9.21. TLS_SRVName Previous topic Parent topic Child topic Next topic

TLS_SRVName is intended for use by <AuthBy RADSEC> and <AuthBy DNSROAM> to specify a DNS SRV Name that is matched against possible SubjectAltName:SRV extensions in the peer certificate. If TLS_SRVName is specified and the peer certificate contains SubjectAltName:SRV extensions, none of which match TLS_SRVName, the certificate is not accepted.
Format is _service._transport.name (this is the same format SRV names appear in DNS records). Only service and name are matched.
TLS_SRVName _radsec._tcp.example.com