The method specific identifier MUST match the common name used in the SSL/TLS certificate, and it MUST NOT include IP addresses. A port MAY be included and the colon MUST be percent encoded to prevent a conflict with paths. Directories and subdirectories MAY optionally be included, delimited by colons rather than slashes.
As noted in RFC 6125, subjectAltName is the preferred place for the identity.
As noted in RFC 6125, subjectAltName is the preferred place for the identity.