Re: What does it mean - Name on certificate does not match name of the site
Richard - Seems like you've been barking at the wrong tree if you've been playing with the Company Org Unit field. Look my previous message what field you need to play with. /Pae Greetings! Thanks for the replies so far. Unfortunately, I haven't got it to work yet. I'm putting various combinations of server name / domain name in the Company Org Unit field, but to no effect. Is there a way to view the two fields while running in a browser, i.e. what the server is sending, and what the certificate says? Actually, I know what the cert says, but it obviously does not agree with what the server is sending. I'd like to be able to see what is coming to the browser. IE doesn't seem to display much info. Thanks, -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: What does it mean - \Name on certificate does not match name of the site\
Pae wrote: It usually means that the name, e.g., Common Name, in your certificate and the name of your server, e.g., http server, where the certificate originated from don't match. How did you created the certificate? Ex, openssl? Pae Pae, Thank you for your assistance so far. I'm using the Java SDK keytool tool to create the certificate. Here is an actual session with keytool. My typing is in just for clarity. The contains either what I have been typing, or a comment on what I was typing. All other text comes from the keytool... === keytool -genkey -alias tomcat -keyalg RSA -keystore /users/.keystore Enter keystore password: password What is your first and last name? [Unknown]: Richard Huntrods What is the name of your organizational unit? [Unknown]: hci - I don't really know what to put here - I was putting machine What is the name of your organization? [Unknown]: HCI - this is my company, not my domain What is the name of your City or Locality? [Unknown]: Calgary What is the name of your State or Province? [Unknown]: Alberta What is the two-letter country code for this unit? [Unknown]: CA - for Canada Is CN=Richard Huntrods, OU=hci, O=HCI, L=Calgary, ST=AB, C=CA Correct? [no]:yes Enter key password for tomcat (RETURN if sam as keytore password): RETURN === That generates the keystore. Which one is common name? Thanks again in advance for your assistance. Is there more documentation on keytool that you know of? The on line help merely lists the possible options, but does not tell you what they mean. -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: What does it mean - \Name on certificate does not match name of the site\
The CN in the distinguished name is standing for Common Name. Pae - Original Message - From: Richard S. Huntrods [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, December 22, 2001 8:21 AM Subject: Re: What does it mean - \Name on certificate does not match name of the site\ Pae wrote: It usually means that the name, e.g., Common Name, in your certificate and the name of your server, e.g., http server, where the certificate originated from don't match. How did you created the certificate? Ex, openssl? Pae Pae, Thank you for your assistance so far. I'm using the Java SDK keytool tool to create the certificate. Here is an actual session with keytool. My typing is in just for clarity. The contains either what I have been typing, or a comment on what I was typing. All other text comes from the keytool... === keytool -genkey -alias tomcat -keyalg RSA -keystore /users/.keystore Enter keystore password: password What is your first and last name? [Unknown]: Richard Huntrods What is the name of your organizational unit? [Unknown]: hci - I don't really know what to put here - I was putting machine What is the name of your organization? [Unknown]: HCI - this is my company, not my domain What is the name of your City or Locality? [Unknown]: Calgary What is the name of your State or Province? [Unknown]: Alberta What is the two-letter country code for this unit? [Unknown]: CA - for Canada Is CN=Richard Huntrods, OU=hci, O=HCI, L=Calgary, ST=AB, C=CA Correct? [no]:yes Enter key password for tomcat (RETURN if sam as keytore password): RETURN === That generates the keystore. Which one is common name? Thanks again in advance for your assistance. Is there more documentation on keytool that you know of? The on line help merely lists the possible options, but does not tell you what they mean. -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED] -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
What does it mean - Name on certificate does not match name of the site
Greetings! Last post for a while - I promise! G What does it mean - Name on certificate does not match name of the site? I did the self-signed certificate thing for SSL. There are three messages that appear on the pop-up dialog when you access the secure site. The first says The certificate ... non-trusted company (in essence). It is a warning. The second message says ... date is valid. It is OK. The third warning is the one above. I know and expect the first warning - unless someone like Verisign signs the certificate, it is considered untrusted. Self-signed certificates will always give this warning. No problem. However, when you create a self-signed cert, I cannot find a place to put the site - so I cannot see how this third warning can be prevented. The questions are: Your name (I assume that's my personal name) Your company org unit (what the heck is this? I put my domain name here) Your company (obvious) Your city (obvious) Your province/state (obvious) Your country code (two letters) Besides the passwords, I cannot see what would signify site to the certificate. Assistance? Feel free to point me to something on Sun or Verisign's site. I didn't find anything on a cursory look-over, but I'd be glad to know of an M to RTF. Cheers, and thanks in advance. -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
RE: What does it mean - Name on certificate does not match name of the site
put the qualified name of your machine: yourmachine.yourdomain.com, if you are only trying with localhost put localhost -Original Message- From: Richard S. Huntrods [mailto:[EMAIL PROTECTED]] Sent: Friday, December 21, 2001 1:55 PM To: [EMAIL PROTECTED] Subject: What does it mean - Name on certificate does not match name of the site Greetings! Last post for a while - I promise! G What does it mean - Name on certificate does not match name of the site? I did the self-signed certificate thing for SSL. There are three messages that appear on the pop-up dialog when you access the secure site. The first says The certificate ... non-trusted company (in essence). It is a warning. The second message says ... date is valid. It is OK. The third warning is the one above. I know and expect the first warning - unless someone like Verisign signs the certificate, it is considered untrusted. Self-signed certificates will always give this warning. No problem. However, when you create a self-signed cert, I cannot find a place to put the site - so I cannot see how this third warning can be prevented. The questions are: Your name (I assume that's my personal name) Your company org unit (what the heck is this? I put my domain name here) Your company (obvious) Your city (obvious) Your province/state (obvious) Your country code (two letters) Besides the passwords, I cannot see what would signify site to the certificate. Assistance? Feel free to point me to something on Sun or Verisign's site. I didn't find anything on a cursory look-over, but I'd be glad to know of an M to RTF. Cheers, and thanks in advance. -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Re: What does it mean - Name on certificate does not match name of the site
Greetings! Thanks for the replies so far. Unfortunately, I haven't got it to work yet. I'm putting various combinations of server name / domain name in the Company Org Unit field, but to no effect. Is there a way to view the two fields while running in a browser, i.e. what the server is sending, and what the certificate says? Actually, I know what the cert says, but it obviously does not agree with what the server is sending. I'd like to be able to see what is coming to the browser. IE doesn't seem to display much info. Thanks, -Richard -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
