Results 1 to 2 of 2

Thread: [SOLVED] Problem with certificate renew

  1. #1
    Join Date
    Jul 2007
    Location
    Brazil
    Posts
    55
    Rep Power
    8

    Unhappy [SOLVED] Problem with certificate renew

    Dear All,

    I renewed my certificate with the same information the last certificate and
    my browse give to me this warning.
    "The security certificate presented by this website was issued for a different website´s address."

    My configuration is showed below.
    server name: mailhost.mydomain.com.br
    webmail URL: webmail.mydomain.com.br

    I checked my Subject: CN in my certificate and it is correct. What´s wrong?
    I show the command output below.

    [root@mailhost commercial]# /opt/zimbra/openssl/bin/openssl x509 -text -in commercial.crt
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number: 534497 (0x827e1)
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
    Validity
    Not Before: Feb 4 11:41:21 2010 GMT
    Not After : Aug 3 11:41:21 2010 GMT
    Subject: CN=webmail.mydomain.com.br
    Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (1024 bit)
    Modulus (1024 bit):
    xx:XX:XX:XX:XX:XX:XX
    Exponent: 65537 (0x10001)
    X509v3 extensions:
    X509v3 Basic Constraints: critical
    CA:FALSE
    X509v3 Extended Key Usage:
    TLS Web Client Authentication, TLS Web Server Authentication, Netscape Server Gated Crypto, Microsoft Server Gated Crypto
    X509v3 Key Usage:
    Digital Signature, Key Encipherment
    Authority Information Access:
    OCSP - URI:http://ocsp.cacert.org/

    X509v3 Subject Alternative Name:
    DNS:mailhost.mydomain.com.br, DNS:ns.mydomain.com.br
    Signature Algorithm: sha1WithRSAEncryption
    xxxxx...

    Best regards,
    Bibo

  2. #2
    Join Date
    Jul 2007
    Location
    Brazil
    Posts
    55
    Rep Power
    8

    Default

    Hi All,

    When you use the Subject Alternative Name (SAN) you must add the CN in the SAN. I have added and I resolved my problem. In that case my SAN was
    Subject Alternative Name:
    DNS:mailhost.mydomain.com.br, DNS:webmail.mydomain.com.br


    Best regards,
    Bibo

Similar Threads

  1. [SOLVED] Problem when install CAcert certificate
    By bibo in forum Administrators
    Replies: 4
    Last Post: 11-17-2008, 05:49 AM
  2. problem with certificate + WM6?
    By raul_denia in forum Zimbra Mobile
    Replies: 0
    Last Post: 09-01-2008, 06:39 AM
  3. Certificate fun...
    By TommyTheKid in forum Administrators
    Replies: 2
    Last Post: 02-12-2008, 05:32 PM
  4. SSL certificate problem(?) Tomcat not working
    By akai in forum Installation
    Replies: 1
    Last Post: 07-02-2007, 03:43 PM
  5. Certificate problem with SMTP using TLS
    By yuit in forum Installation
    Replies: 4
    Last Post: 11-02-2006, 06:03 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •