CharlesA, no error on the server side, but the client side still throws up errors about a mismatched certificate.
koenn, thanks for that breakdown. I'll give that a shot and try to piece it all together.
CharlesA, no error on the server side, but the client side still throws up errors about a mismatched certificate.
koenn, thanks for that breakdown. I'll give that a shot and try to piece it all together.
have a close look at that error.
The certificate on your server is supposed to identify/authenticate your server, for the beneifit of the clients (eg so that users don't send their credentials to a rogue server). That's the primary purpose of those certs. So the server cert will contain the FQDN of the server (in principle; there exist "wildcard" certs), and the clients have to approach it using that same FQDN. If they don't, they'll get a security warning about a name mismatch, telling them "this may not be the server you think it is, are you sure you want to go there ?"
So if your server is certified 'www.orangecat.com' but you test it with URLs like 'localhost' or an IP address or anything that is not that specific name , you'll get that warning.
Last edited by koenn; November 20th, 2013 at 08:58 PM. Reason: typos
If this is a public site, you can always check the SSL stuff with SSL labs:
https://www.ssllabs.com/ssltest/
Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
Thanks for all the help and suggestions. A lot of stuff to work on and test, so I don't know when I'll be posting back on this thread again, but I do very much appreciate the help.
Bookmarks