[Operators] server certs for XMPP and SIP

Daniel Pocock daniel at pocock.com.au
Fri Jan 27 22:11:34 UTC 2012

I've got two questions:

- what are the specifications for a subjectAltName (SAN) cert that can
be used for both Jabber and SIP?

- which CAs have been reliable in providing such certs?

Background info that I found:

- I understand the certs used to differ (SIP used the dNSName record
type, while Jabber used otherName xmppAddr)

- since the revised RFC 6120, Jabber now supports dNSName, same as SIP


- the xmpp.net page found by Google only refers to the StartCom CA:


- the wiki page found by Google appears to be concerned with the old

- many of the CA web sites just refer to `subjectAltName' or SAN
certificates - they don't advise what type of data (e.g. otherName or
dNSName) they are willing to put in the cert

More information about the Operators mailing list