
RE: TLS bare minimum

My server is 'myserver.com' but I'm hosting the LDAP domain 'NOTmyserver.com' (test.com in this case). I have to use myserver.com when creating the cert, not the LDAP domain, correct?

-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@zimbra.com]
Sent: Tue 6/5/2007 6:36 PM
To: West, Jon (NIH/NIMH) [C]
Cc: openldap-software@openldap.org
Subject: RE: TLS bare minimum

--On June 5, 2007 6:28:11 PM -0400 "West, Jon (NIH/NIMH) [C]" 
<wjon@mail.nih.gov> wrote:

> Yes, I actually have it looking at the cert, but I still get a
> connection error when using TLS. I think I understand it:
>
> ldap_start_tls: Connect error (-11)
>         additional info: TLS: hostname does not match CN in peer certificate
>
> I think this means it is because I used 'test.com' as the server
> name when generating the cert rather than the actual server? test.com is
> just the test domain I am using.


Please keep replies to the list.

This error means that the host name in the certificate does not match the 
hostname for the server.  They must match to establish a TLS connection.


Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration
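
The mismatch discussed in this thread can be reproduced offline with the openssl command-line tool. This is an added example, not part of the original messages: the certificates are throwaway self-signed ones constructed here, and the function names are hypothetical. It shows that the name that has to match is the host name the client connects to, not the LDAP domain being hosted.

```shell
#!/bin/sh
# Added example with constructed certificates; not from the original thread.
# Needs the openssl CLI (1.0.2 or later for -checkhost).

# make_cert CN DIR: create a throwaway self-signed cert with subject CN=CN.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" \
        -keyout "$2/key.pem" -out "$2/cert.pem" >/dev/null 2>&1
}

# cert_matches_host CERT HOST: succeed only if the cert covers HOST.
# -checkhost looks at subjectAltName DNS entries and falls back to the CN;
# it prints "does match" or "does NOT match", so key on that text.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep -q "does match certificate"
}

# check_pair CN HOST: verdict for a cert issued to CN when the client
# connects to HOST. Returns 0 on match, 1 on mismatch, 2 on setup failure.
check_pair() {
    dir=$(mktemp -d) || return 2
    if ! make_cert "$1" "$dir"; then rm -rf "$dir"; return 2; fi
    if cert_matches_host "$dir/cert.pem" "$2"; then
        echo "CN=$1, client connects to $2: OK"; rc=0
    else
        echo "CN=$1, client connects to $2: hostname does not match"; rc=1
    fi
    rm -rf "$dir"
    return $rc
}

# Cert generated with the LDAP test domain: mismatch for the real host name
# (the mismatch is the expected result, so do not treat it as a script error).
check_pair test.com myserver.com || true
# Cert generated with the server's own host name: matches.
check_pair myserver.com myserver.com
```

Running the same `-checkhost` test against the real server certificate before pointing slapd at it catches this error without a client connection.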