just one cert

[RYAN vAN GINNEKEN]

I have created my own root certificate and key so i can become my own 
CA.  Have created singed certs for my imap smtp and webmail server  
using the common name  computerking.ca.  This works fine for mozilla but 
with microsoft' s outlook and explorer i get errors  about the CN name 
not matching the server name ie the name of the security certificate is 
invalid or does not match the name of the site.  So now i have tried to 
create several certs with different CN names ( need one  for 
mail.computerking and one for mail1.computerking.ca ) and signing them 
with the same CA but i get this error.

v22.computerking.ca > /usr/local/sslcerts #openssl ca -out name-cert.pem 
-config ./openssl.cnf -infiles name-req.pem
Using configuration from ./openssl.cnf
Enter pass phrase for ./private/cakey.pem:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
organizationName      :PRINTABLE:'Computerking'
organizationalUnitName:PRINTABLE:'Computerking Security'
localityName          :PRINTABLE:'Calgary'
stateOrProvinceName   :PRINTABLE:'Alberta'
countryName           :PRINTABLE:'CA'
commonName            :PRINTABLE:'mail1.computerking.ca'
Certificate is to be certified until Aug  9 07:50:02 2014 GMT (3650 days)
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2

Is there a way to make just one cert that will work for microsoft 
products because the CN computerking.ca does not work for either 
mail1.computerking.ca or mail.computerking.  Everything seems to work 
fine in Mozilla  to bad  i have clients that insist on using microsoft.  
Would an IP address work for microsoft????

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]