I'm trying to setup an SSL SVN server and when I try to checkout remotely I get the error Server certificate
was missing commonName attribute in subject name
I did some googling and from what I can tell I need to add the IP address of the URL I'm accessing to openss.cnf with the commonName attribute like below. I did that but I still get the error.
commonName = xx.xxx.xx.xx
commonName_max = 64
-
It sounds like a CommonName mismatch with the SSL certificate. Does the CN in your SSL certificate match your server?
You can run the following to view the SSL certificate:
openssl x509 -noout -text -in ssl.crtEdit
To generate a snake oil cert, first generate the key:
openssl genrsa -out host.key 1024Now generate the certificate:
openssl req -new -key host.key -x509 -days 3650 -out host.crtopenssl will prompt you for the information:
Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []:Common Name is where you specify your server's hostname.
Webnet : I don't see "CN" in there anywhere... perhaps that's the problem? It's not an official SSL, just something I generated on the server.Warner : Check out my edit, that may be the issue.Webnet : Can I just modify the certificate now to include a common name rather than re-generate it?Warner : That's not possible.From Warner
0 comments:
Post a Comment