• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 248
  • Last Modified:

Client Certificates Authentication

Does anyone know what this means and how to fix it.  I'm using a client certificate to call a server and I get this response:

No common name contained in certificate distinguished name -
Common name not found in distinguished name:

0
vinny45
Asked:
vinny45
1 Solution
 
chris_calabreseCommented:
The distinguished name, or DN, is the thing that looks something like
<myname>.<mycompany>.<mycountry> (chris_calabrese.mycompany.us)

The common name, or CN, is a short "handle" that usually gets used in practice to refer to the certificate (probably chris_calabrese in the above).

Sounds like your certificates don't have the CN field filled in.
0
 
vinny45Author Commented:
How do I find out to verify this.
0
 
chris_calabreseCommented:
Never done that before. I'd google for tools/info to dissect an X.509 cert and tell you what's inside.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
Tim HolmanCommented:
Where did you get the cert from ?  What type of cert is it ? What client are you using, and what server ?
0
 
vinny45Author Commented:
its an intuit(quickbooks)signed client certificate. I'm using an asp.net application as a client to connect to a server. So I have Window 2003 Server with the client Cert installed into the Local_machine\personal store. I exported a DER encoded binary file without the private keys so my asp.net application can use it using the x509Certificate class and httpWebRequest class to send the data and cert to an Intuit server which i believe uses some open source machine(openssl to read the cert or something i think)

what do you think.

btw. Intuit asked for a 64 base version of my cert to test with and it worked fine, but in my asp.net app i use the DER version. Is it possible that their server cannot read my Cert because of the format. btw .net does not support 64 Base encoded files

hopefully i make sense
0
 
vinny45Author Commented:
i meant 64 base encoded certs
0
 
chris_calabreseCommented:
I doubt it's the encoding. However, if the cert comes from intuit, it's possible that they don't provide a CN in their cert's. It wouldn't be a problem for their own apps since they probably map the DN to the account.
0
 
ahoffmannCommented:
win2k3 should be able to show the cert's details
If it fails (I don't comment M$ tools:), then use openssl to check your cert http://www.openssl.org/
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now