Re: [IPCop-devel] SSL Certificates

[Neil A. H. <ne...@re...>]

Andrew,

>Whenever I connect to the IPCop GUI (1.4 betas) I get a pop-up from
>Internet Explorer to the effect that I've got an dodgy certificate "The
>name on the certificate is invalid or does not match the name on the
>site".
<snip>

>In the Setup menu of IPCop, I have a host name of "ipcop" and a domain
>name of "dhf".  The certificate, when viewed in internet explorer, says
>it is issued from ipcop.dhf to ipcop.dhf, so the names are getting
>through.
>
>About the only thing I can't think of left to look at is whether my
>hostname or domain name may be "illegal", but I don't know what the
>rules are and I'd have expected the setup routine to bounce them if
>they were.
You must use the certificate so that the requested host is the same as
the one the certificate was generated for.  In this case:

https://ipcop.dhf:445/

That should do the trick.  Your web browser may still complain that the
certificate is not signed by a recognised root CA, unless you have your
own and have told your web browser to accept it.

HTH,


                                Neil.

-- 
Neil A. Hillard                E-Mail:   ne...@re...
Regional Webs Ltd.             Web:      http://www.regionalwebs.net/