>> >I use openssl to build a self-signed certificate for my web >> server. I imported the CA cert to my PC already. >> > >> >When I open the web server, IE says the certificate is from >> >a trusted CA as expected, the security certificate is valid, but it >> >says the name is invalid. >> >> You mean like this: https://paypal.com ? > >Yes, I access to https://abc.mydomain.com and CN=abc.mydomain.com > >More details : this server hosts two different name abc.mydomain.com and >def.mydomain.com, each with different ip ) for https access. > >I use <VirtualHost ip-of-abc.mydomain.com:443> and >VirtualHost<ip-of-def.mydomain.com:443> and these virtual hosts work because >IE points to the correct DocumentRoot for each name.
What is the reverse-dns for the IP address pointed to by abc (and def) mydomain.com ? I've seen Apache take an IP address pointed to by more than one domain look up the reverse and use whatever that is. For example is you made a cert for abc, yet def points to the same IP and the reverse says def then def is what it will use; this will not match abc and you'll get this error. Just a guess... (It's better to use "example.com" for examples, that domain is reserved for this use. Somebody actually owns and uses "mydomain.com") -- Richard J. Sexton, [EMAIL PROTECTED] /"\ ASCII ribbon / [EMAIL PROTECTED] [EMAIL PROTECTED] \ / campaign against / http://open-rsc.org http://cr.yp.to/dnsroot.html X HTML mail / http://watches.mbz.org http://mbz.org '67 250SE/C / \ and postings / 613 473 1719 83 633 83 300SD 72 280SE 70 280SE ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
