[Freeipa-users] add a cert of .net insetad of .com error ?
Rob Crittenden
rcritten at redhat.com
Fri Apr 11 12:47:17 UTC 2014
barrykfl at gmail.com wrote:
> Dear all:
>
> I added *.abc.net <http://abc.net> cet to certutil -d /etc/httpd/alias
> and /etc/dirsrv/slapd-ABC-COM
>
> But error comes out after when i login the UI of service and cick in entry .
>
> cannot connect to
> 'https://cert1.abc.com:443/ca/agent/ca/displayBySerial': [Errno -12276]
> (SSL_ERROR_BAD_CERT_DOMAIN) Unable to communicate securely with peer:
> requested domain name does not match the server's certificate.
This is the SSL MITM protection. The subject of the certificate on the
server needs to match the hostname that the client is requesting.
You can't just change the domain name of your installation by replacing
the certificates.
rob
More information about the Freeipa-users
mailing list