Figure 38 - Subject

We can se there are several things in the Subject – but the most critical is the Common Name. Here we can see why the browser URL of “https://192.168.0.20” would fail to pass the certificate check but “https://NPIC1F319.example.internal” would not fail. This interesting fact comes as a surprise to most people – the IP address is not usually part of the certificate (Note: IP addresses can be included in certificates). Another way of verifying the name is to use the SubjectAlternateName. To see this, we need to look at the trace of the LDAPS connection shown in Figure 39 – SubjectAltName.

84