On 02/03/2012 10:41 AM, Krzysztof Mazurek wrote:
That's kind of basic SSL functionality - to warn you or deny access if
servers DNS name does not match the CN in certificate ;)
So SSL connection may not continue when:
1. CA is unknown and cannot be verified,
2. Certificates CN field (Common Name) doesn't match the DNS name of
server,
3. Servers SSL certificate is too old or is on a CRL list.
4. and as usual other SSL implementation problems ;)
Try connecting to HTTPS website with web browser and get the
certificate. See if it's valid and the CN coresponds with DNS name.
You must connnect to dns name (not IP adress - it won't work). I would
start with that.
Krzysztof
I think this problem does not belong to the above four reasons :).
Googling "wget subject alternative name" shows that it is the wget bug
that is fixed in version 1.13.
-- missing a check for Subject Alternative Name (TLS cert.)
closes: Bug#409938
The versions I am using are 1.11 on RHEL 5.4 and 1.12 on RHEL 6.2
Thanks,
Vu
_______________________________________________
rhelv5-list mailing list
rhelv5-list@redhat.com
https://www.redhat.com/mailman/listinfo/rhelv5-list
