Comment 16 for bug 1826227

Reviewed: https://review.opendev.org/671479
Committed: https://git.openstack.org/cgit/starlingx/config/commit/?id=6ac774799e1db3d2bf9cc5c053593005e8d9d763
Submitter: Zuul
Branch: master

commit 6ac774799e1db3d2bf9cc5c053593005e8d9d763
Author: Teresa Ho <email address hidden>
Date: Wed Jul 17 23:43:25 2019 -0400

    Add checks for dns name in certificate

    This commit adds validation of https certificate for openstack
    to ensure the provisioned endpoint domain matches the dns names
    or the common name in the certificate.

    If the domain is example.com, then the CN or SAN value must be
    *.example.com.
    SAN values, such as *.*.example.com, bad.*.example.com would not be
    accepted.

    Closes-Bug: 1826227

    Change-Id: Ib50491282e8bf15b42f008d4eb55a7db9d64999b
    Signed-off-by: Teresa Ho <email address hidden>