Does certificate common name verification check Subject Alternative Name?

[vklemet]

Hi,

Our service provider updated certificates on our email server and our POP server address moved from common name to Subject Alternative Name in the certificate. This caused NetTalk to reject connection to the server when trying to receive emails with error: "The Remote TLS Certificate's Common Name (webmail.tietohippu.com) does not match the Server name (tietohippu.com). And so the connection failed to open NetSimple.TakeEvent"

Does Does certificate common name verification check Subject Alternative Name? And if not, should it check, as SAN is used to add more than one domain to certificate?

We are using server tietohippu.com on port 995. CN and SAN on certificate look like this (from https://www.sslchecker.com/sslchecker):

Common name:
webmail.tietohippu.com

SAN:
autodiscover.tietohippu.com, cpanel.tietohippu.com, cpcalendars.tietohippu.com, cpcontacts.tietohippu.com, tietohippu.com, webdisk.tietohippu.com, webmail.tietohippu.com, www.tietohippu.com

BR,
Vesa

[Jane]

What version of NetTalk?  I don't remember when Bruce added SAN support.

Seems to work with NT 12.35.

[vklemet]

Thanks Jane!
It is a version problem. Some of our older apps are still NT10 and NT11. With NT12 it works, so it is time to update those apps. I should have noticed this myself.