> Once I purchase a trusted certificate, I was assuming both of these > warnings would be removed; I thought a SAN-certificate would allow me to > connect to the website using alternative names without getting the > "invalid or does not match" warning. > > Thanks, > > David
What error are you getting now? Is it specific about whether the problem is that certificate is invalid or that it does not match or what? The certificate only proves the identity of the server if the client is using a name that is contained in the certificate, and the client software uses the same stored in that place. What is the client software? What name is it using to access the server? And what are the contents of the name fields in the certificate? Is the certificate signed by an authority the clients are configured to trust? If there are any needed intermediate certificates, is the server sending them to the clients? If you're sure it's supposed to work, and it's not, you need to troubleshoot. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
