Actually, IE does get through the handshake. There is a name conflict
because we are going direct to a machine rather than going through a
global load balancer.
When there is a cert name conflict, IE warns you and will happily
continue if you direct it to. Remember I said it gets through the
handshake.
The certs are VeriSign signed (within the last month) with an
intermediate CA file installed on the secure server.
If your suggestion were the case, we would not get successful content
requests to our in house lab.
Thanks anyway.
L
"Wallace, William" wrote:
>
> Are you using an SGC certificate? If so and the address you're using in the
> browser doesn't match that in the certificate then IE will do exactly what
> you've described. Recent versions let you work around it by checking "Check
> for server certificate revocation" in the advanced security settings.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
