Solved

Client Certificates Authentication

Posted on 2004-08-04
8
242 Views
Last Modified: 2010-04-11
Does anyone know what this means and how to fix it.  I'm using a client certificate to call a server and I get this response:

No common name contained in certificate distinguished name -
Common name not found in distinguished name:

0
Comment
Question by:vinny45
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 11720014
The distinguished name, or DN, is the thing that looks something like
<myname>.<mycompany>.<mycountry> (chris_calabrese.mycompany.us)

The common name, or CN, is a short "handle" that usually gets used in practice to refer to the certificate (probably chris_calabrese in the above).

Sounds like your certificates don't have the CN field filled in.
0
 

Author Comment

by:vinny45
ID: 11720640
How do I find out to verify this.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 11720836
Never done that before. I'd google for tools/info to dissect an X.509 cert and tell you what's inside.
0
Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

 
LVL 23

Expert Comment

by:Tim Holman
ID: 11721104
Where did you get the cert from ?  What type of cert is it ? What client are you using, and what server ?
0
 

Author Comment

by:vinny45
ID: 11721258
its an intuit(quickbooks)signed client certificate. I'm using an asp.net application as a client to connect to a server. So I have Window 2003 Server with the client Cert installed into the Local_machine\personal store. I exported a DER encoded binary file without the private keys so my asp.net application can use it using the x509Certificate class and httpWebRequest class to send the data and cert to an Intuit server which i believe uses some open source machine(openssl to read the cert or something i think)

what do you think.

btw. Intuit asked for a 64 base version of my cert to test with and it worked fine, but in my asp.net app i use the DER version. Is it possible that their server cannot read my Cert because of the format. btw .net does not support 64 Base encoded files

hopefully i make sense
0
 

Author Comment

by:vinny45
ID: 11721686
i meant 64 base encoded certs
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 11722462
I doubt it's the encoding. However, if the cert comes from intuit, it's possible that they don't provide a CN in their cert's. It wouldn't be a problem for their own apps since they probably map the DN to the account.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 11729536
win2k3 should be able to show the cert's details
If it fails (I don't comment M$ tools:), then use openssl to check your cert http://www.openssl.org/
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Video enhancement recommendation 7 161
What is the goal of SOC2 compliance? 4 50
Red Hat Satellite report generator 4 48
CertificateAuthority and Firefox 4 44
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question