On Tue, Dec 09, 2003 at 12:28:47PM -0600, Jose Hernandez wrote: > Here, the problem is in the Certificate, the Linux hostname is not the same > that you gave in the certificate ... > > I mean in the Common Name field It must be the Linux hostname ...
website name as fetched from server cert CN should be the same as specified in VirtualHost section of Apache server. This name is not required to be the same as linux box hostname; they only should both resolve to the same IP address. Please note I mean the VirtualHost listening to port 443 with "SSLEngine on" > > -----Original Message----- > From: Leon [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 12:20 p.m. > To: [EMAIL PROTECTED] > Subject: Apache see cert as CA > > > I'm trying to get a SSL site up on Apache. My system is: > Redhat 8 > Apache 2.0.40 > OpenSSL .0.9.6b > > When I start Apache, It seems to think everything is OK. But when I try to > browse to a page, I just get the default Apache home page. If I look at > the SSL error log I get: > [Mon Dec 08 15:35:24 2003] [warn] RSA server certificate CommonName (CN) > `rt.domainname.com' does NOT match server name!? > [Mon Dec 08 15:36:14 2003] [warn] RSA server certificate is a CA > certificate (BasicConstraints: CA == TRUE !?) > I have worked thru the HOWTO's on Redhat creating a private key and > creating the certs > http://www.europe.redhat.com/documentation/HOWTO/SSL-RedHat-HOWTO-3.php3 > > My ssl.conf entry is: > NameVirtualHost rt.domainname.com:443 > <VirtualHost 192.168.0.99:443> > ServerName rt.domainname.com > DocumentRoot /opt/rt3/share/html > ErrorLog logs/rt/error_log > CustomLog logs/rt/access_log combined > #AddDefaultCharset UTF-8 > PerlModule Apache2 Apache::compat > PerlModule Apache::DBI > PerlRequire /opt/rt3/bin/webmux.pl > > <Directory /opt/rt3/share/html> > Order allow,deny > Allow from all > Options All > AllowOverride All > AddDefaultCharset UTF-8 > <Files *.html> > SetHandler perl-script > PerlHandler RT::Mason > </Files> > </Directory> > > <Directory /opt/rt3/share/html/Ticket/Attachment> > SetHandler perl-script > PerlHandler RT::Mason > </Directory> > <Directory /opt/rt3/share/html/SelfService/Attachment> > SetHandler perl-script > PerlHandler RT::Mason > </Directory> > <Directory /opt/rt3/share/html/REST> > SetHandler perl-script > PerlHandler RT::Mason > </Directory> > > </VirtualHost> > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Naina library: http://www.unity.net/~vf/naina_r1.tgz ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
