Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.3: Importing self-signed SSL certificates' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: Importing self-signed SSL certificates
Authored by: BraindeadMac on Oct 28, '03 07:35:15PM

I had this problem, too. That's because the "Common Name" field must match the host name you are trying to connect to...a lot of hints out there (err, including one of mine) suggest you use your own common name for that field when making a self signed certificate. However, if you enter the machine host name instead when prompted for Common name by openssl when creating the certificate (e.g., localhost or 127.0.0.1 or whatever) the certificate will be recognized as valid. That's a run on sentence, but hopefully you'll get the idea.



[ Reply to This | # ]
10.3: Importing self-signed SSL certificates
Authored by: jrdavidson on Jan 22, '04 07:24:06PM

Ok - I'll bite. I have three certs from my company's PKI infrastructure:

a. the root CA cert (cn=rootca.company.com)
b. the CA cert (cn=ca.company.com)
c. my public key cert (cn=Lastname,Firstname MI.)
d. my private key (no cn)

On which of these must the cn match the mailserver? The root?

Thanks.

John



[ Reply to This | # ]