Does anyone know about a workaround/fix for the below problem? We'd like to
use a wildcard certificate ...
I tested the "wildcard" test-certificate offered by www.thawte.com
The test:
I control the DNS, so I put a "*.gmoney.com" entry in my DNS file, and ping
tested multiple names, ie. hello.mydomain.com, xxxx.mydomain.com, etc.
Everything resolves to a specific IP, which is a box running Linux RedHat7
with preconfigured SSL and Apache (comes already set up with RH7).
I generated a CSR with the command "make certreq", submitted it to
www.thawte.com, receieved a CRT, copied the CRT to the file
/etc/httpd/conf/ssl.crt/server.crt, and restarted apache.
Findings:
All clients connecting over SSL recieve the "non-trusted authority" error
(this is normal for a "test" certificate).
Win98 IE5 clients report "hostname matches the certificate."
Win2K IE5 clients report "hostname does not match the certificate."
Win98 NS4.7 only reports "non-trusted authority." No mention of hostname
match or not.
Win2K NS4.7 only reports "non-trusted authority." No mention of hostname
match or not.
Any and all suggestions/fixes/workarounds will be greatly appreciated.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
