QSslSocket hostname mismatch

**eleanor** · 5th May 2009, 09:57

Doesn't CN match the IP...they are all test.com == so they are all the same (they have the same IP) ?

Also, if I create a CA cert and self sign it doesn't application trust it...it should.

Can you be more specific with this? Can you provide an example?

**wysota** · 5th May 2009, 10:06

Originally Posted by eleanor

Doesn't CN match the IP...they are all test.com == so they are all the same (they have the same IP) ?

$ host test.com
test.com has address 205.178.152.103

Is 205.178.152.103 your IP on all sides of the communication (client/server/ca)?

Also, if I create a CA cert and self sign it doesn't application trust it...it should.

No, it shouldn't.

Can you be more specific with this? Can you provide an example?

I'm not sure what example would you like me to provide

I can't teach you SSL in 5 minutes, take a book on SSL or read a tutorial to undestand why a self-signed CA can't be trusted (at least out of the box).

**eleanor** · 5th May 2009, 10:40

$ host test.com
test.com has address 205.178.152.103

Is 205.178.152.103 your IP on all sides of the communication (client/server/ca)?

Well how can I declare the certificate then...it's not possible for 205.178.152.103 to be the IP on all sides of the communication.

**wysota** · 5th May 2009, 22:08

Unless you have access to a real CA you won't be able to generate a fully valid certificate so it doesn't really matter what you place there. But if you want to be as close to a proper certificate as possible, you have to place a proper common name on the certificate and ignore the "self-signed certificate" warning. This is really not a place for an SSL tutorial, so searching for one might be a better idea than asking about it here.