> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Richard Sexton > Sent: Wednesday, March 16, 2005 10:28 AM > To: openssl-users@openssl.org > Subject: Re: Field CN and the certificates > > >> All the IEs show the same error. Netscape on Solaris even > shows "You > >> have attempted to establish a connection with "abc.mydomain.com". > >> However the security certificate presented belongs to > "abc.mydomain.com" .... > >> > >> The thing makes me confused is the two host names that the warning > >> displays are the same. > >> > > > >Well firstly you can rule out DNS records. To avoid DNS spoofing > >attacks the only thing that is important is the hostname the browser > >uses and the server it talks to ultimately. > > I asked Vu to send me his root ca, installed it in IE and I > can see his site just fine no popups. > > I can't see mine, in IE only - works in every other browser > just fine, but but not IE. Vu can see mine with zero problems.
I would like to say thanks to everybody who gave me advice on this problem. Yesterday Richard gave me a note about an "odd" field subjectAltName. I commented out that line from my openssl.conf and rebuilt my CA root and other certs. With this new CA root, everything works just fine. I tested on my XP,Linux and Solaris at home and all do not give me the popup/warning any more. Richard, on my notebook, I just got the same strange error you got with you site. I can open any https site but not my sites. After removing the old root ca and installing the new one, now I can see them. Again, thanks everybody. Vu ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
