[CentOS] Self-signed certificates
Thomas E Dukes
edukes at alltel.net
Mon Jan 23 22:46:58 UTC 2006
> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Jim Perrin
> Sent: Monday, January 23, 2006 5:29 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Self-signed certificates
>
> > > > Just tried those instructions and got the same result.
> Does the
> > > > certificate name have to be called 'server'
> > >
> > > No, but that's the default. If you change it to something
> else, then
> > > you need to edit /etc/httpd/conf.d/ssl.conf to match.
> >
> > I tried putting the info for the secure sub-domain in the ssl.conf
> > with the name of the sub-domain certificate but that didn't work
> > either. Still shows the certificate for the top-level domain. :-(
>
>
> Hmm, maybe I'm not clear on what you're trying to do. Is this
> a virtual host? Is it a Name based virtual host? ssl is done
> per ip, so if you're doing name based virtual hosting, you
> only get one cert, unless you change to a non-standard https
> port for your second secure host.
Yes, this is a named based virtual host.
It must be stuck on being named 'server'. I changed/renamed the
subdomain.key and subdomain.crt to server.key and server.crt and now get the
proper name on the certificate for the sub-domain but now don't have a
certificate for the top level domain.
>
> The way around this (not a GOOD way, but a way) is to
> generate an ssl cert for *.domain.com. This way it's valid
> for all subdomains.
Hmmm. I'll give that a try. Not really interested in the error about being
'self-signed' (issuing authority) but just want the name to be right and the
security to be there.
Will try and let you know.
Thanks!!!!!!!!!
More information about the CentOS
mailing list