Actual quotes of the error message are typically useful in this
situation.
-c
On Aug 10, 2007, at 3:34 PM, Dinanath Sulakhe wrote:
I am using this hostcert with an apache instance for authentication
and it was failing. I was getting an error message saying the
hostname doesn't match.
-Dina
On Aug 10, 2007, at 2:13 PM, Joseph Bester wrote:
On Aug 10, 2007, at 2:21 PM, Dinanath Sulakhe wrote:
Hi,
I am doing some testing on lucky cluster and I ran into a problem
while using simple CA. When I generated a host certificate for
lucky0:
grid-cert-request -host lucky0.mcs.anl.gov
the Subject line in the generated cert looks something like this:
Subject: O=Grid, OU=GlobusTest, OU=simpleCA-lucky0.mcs.anl.gov,
OU=mcs.anl.gov, CN=host/lucky0.mcs.anl.gov
It adds "host" before the hostname for the CN, and I had
authentication problems because of this. Is this default behavior
intentional or do you guys think it should only have hostname
without "host/" ? I could change this behavior by explicitly
adding the CN flag while generating the host cert:
That is normal, and should be handled fine by clients which are
using host-based authorization. Did you have an app that wasn't
working because of this name?
joe
