eleanor
5th May 2009, 07:38
Hi, I need to know why I get this error when authenticating with certificates:
"The host name did not match any of the valid hosts for this certificate"
"The root certificate of the certificate chain is self-signed, and untrusted"
The certificates that I created are:
server.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:42:50 2009 GMT
Not After : May 2 23:42:50 2019 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=Server, OU=Server, CN=Server
client.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:43:01 2009 GMT
Not After : May 2 23:43:01 2019 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=Client, OU=Client, CN=Client
ca.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:42:47 2009 GMT
Not After : May 4 23:42:47 2029 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Both server certificate and client certificate are signed by the CA certificate. And CN=test.com is actually a valid hostname that can be resolved by DNS servers into an WAN IP.
Any ideas?
"The host name did not match any of the valid hosts for this certificate"
"The root certificate of the certificate chain is self-signed, and untrusted"
The certificates that I created are:
server.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:42:50 2009 GMT
Not After : May 2 23:42:50 2019 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=Server, OU=Server, CN=Server
client.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:43:01 2009 GMT
Not After : May 2 23:43:01 2019 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=Client, OU=Client, CN=Client
ca.crt
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Validity
Not Before: May 4 23:42:47 2009 GMT
Not After : May 4 23:42:47 2029 GMT
Subject: C=SI, ST=Slovenia, L=Ljubljana, O=CA, OU=CA, CN=test.com
Both server certificate and client certificate are signed by the CA certificate. And CN=test.com is actually a valid hostname that can be resolved by DNS servers into an WAN IP.
Any ideas?