[THIN] Re: SSL Certs & WI

• From: "Ron Oglesby" <roglesby@xxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Sun, 21 Sep 2003 09:55:57 -0500

My guess is that you have the WI settings set to go to lets say CSG.
WHOOME. Com... then the cert you have on the CSG server is
web1.whoome.com...

 

The client does not allow you to say OK and continue to connect (at
least the 6.3 clients didn't) and you get stopped at that point.

 

Ron Oglesby

Senior Technical Architect

 

RapidApp

Office 312.372.7188

Mobile 815.325.7618

email roglesby@xxxxxxxxxxxx

 

-----Original Message-----
From: David E. Payne [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
David E. Payne
Sent: Saturday, September 20, 2003 2:59 PM
To: thin@xxxxxxxxxxxxx
Subject: RE: [THIN] Re: SSL Certs & WI

 

Ron,

 

Why do you think I get an error like this when connecting to CSG?

 

The name on the security certificate does not match the name on the
server (SSL error 59)

 

 

thx,

 

-dave

        -----Original Message----- 
        From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx] 
        Sent: Sat 9/20/2003 1:12 PM 
        To: thin@xxxxxxxxxxxxx 
        Cc: 
        Subject: [THIN] Re: SSL Certs & WI

        Well. Lets talk about certs in general.

        First off there is no proper naming convention outside of real
FQDNs.

        Now for WI it all depends. For the web server you just want a
fqdn that is easily remembered like apps.whatever.com. or
remotedesktop.blah.com,  or portal.whome.com etc....

        For the CSG it really doesn't matter. Reason being that the user
never sees it.  I like using GP.blah.com or even CSG though that is a
little giveaway as to what it is.

         

        Now the root or private certs.. well private certs are not
installed anywhere but the server (that's why they are called private).
The root cert is really the CA path. Being a trusted CA bath with is
installed (added) to the client so they trust a certificate authority.
If you have a cert from Verisign thawte etc your browsers will already
trust them so there is no need. If you have a private cert (like you
just created a Microsoft CA) then you need to installed the cert path on
the client (they have a screen for this under url/certsrv.)

         

         

         

         

        Ron Oglesby

        Senior Technical Architect

         

        RapidApp

        Office 312.372.7188

        Mobile 815.325.7618

        email roglesby@xxxxxxxxxxxx

         

        -----Original Message-----
        From: David E. Payne [mailto:DPayne@xxxxxxxxxx] 
        Sent: Saturday, September 20, 2003 10:03 AM
        To: thin@xxxxxxxxxxxxx
        Subject: [THIN] SSL Certs & WI

         

        Can anyone explain what the correct naming conventions are for
SSL Certs in a standard installation of CSG  and WI?

         

        And do you have to install the root certificate of a Private
certificate on every client that connects to CSG?

         

        Thanks,

         

        -dave

• » [THIN] SSL Certs & WI
• » [THIN] Re: SSL Certs & WI
• » [THIN] Re: SSL Certs & WI
• » [THIN] Re: SSL Certs & WI
• » [THIN] Re: SSL Certs & WI

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription