Solved

Server Name Doesn't Match Certificate Error in Windows Apache 2.2

Posted on 2011-03-14
5
689 Views
Last Modified: 2012-05-11
We are setting up an apache reverse proxy w/ ssl.  We have the reverse proxy working w/o ssl.  Need it working with ssl.  Created a certificate w/ the CN=proxy.domain.com where domain is replaced by our domain name.  We have servername and namevirtualhost commands setup to support proxy.domain.com.  Getting an error in the logs, the cipproxy.localhost-error.log file =
[Mon Mar 14 07:41:26 2011] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Mar 14 07:41:26 2011] [warn] RSA server certificate CommonName (CN) `proxy.dmain.com' does NOT match server name!?
I undertsand the first line to relate to the fact we are using a self-cert.  The second line is the issue. Can anyone shed some light, remember this is a windows version of apache run on a 2k3 server box.  I can post partial configs if needed
Thanks.
0
Comment
Question by:jtmoske
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:fcontrepois
ID: 35139494
Every certificate must have the domain name as it's CN field.

One certificate per domain, unless you use e wildcard domain like *.mydomain.com
0
 

Author Comment

by:jtmoske
ID: 35139538
Thank you for the response, isn't that what I have the CN=proxy.domain.com where domain.com is the domain is our actual domain.
0
 
LVL 9

Accepted Solution

by:
fcontrepois earned 250 total points
ID: 35139606
if your virtualhost is called proxy.domain.com apache will be happy.

Create a new certificate and put the domain name that's called by clients OR
create a new certificate with cn=*.domain.com
0
 

Author Comment

by:jtmoske
ID: 35139823
That is where my issue is.  I do have the virtualhost called proxy.domain.com.  But I still get the error.  I can also try to make a cert with *.domain.com.  Will follow up.
0
 

Author Closing Comment

by:jtmoske
ID: 35140814
Thank you, I found the error in the config file, there was another entry with server name command later in the file.  Removed that and went well.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Learn about cloud computing and its benefits for small business owners.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question