Ron, Why do you think I get an error like this when connecting to CSG? The name on the security certificate does not match the name on the server (SSL error 59) thx, -dave -----Original Message----- From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx] Sent: Sat 9/20/2003 1:12 PM To: thin@xxxxxxxxxxxxx Cc: Subject: [THIN] Re: SSL Certs & WI Well. Lets talk about certs in general. First off there is no proper naming convention outside of real FQDNs. Now for WI it all depends. For the web server you just want a fqdn that is easily remembered like apps.whatever.com. or remotedesktop.blah.com, or portal.whome.com etc…. For the CSG it really doesn’t matter. Reason being that the user never sees it. I like using GP.blah.com or even CSG though that is a little giveaway as to what it is. Now the root or private certs.. well private certs are not installed anywhere but the server (that’s why they are called private). The root cert is really the CA path. Being a trusted CA bath with is installed (added) to the client so they trust a certificate authority. If you have a cert from Verisign thawte etc your browsers will already trust them so there is no need. If you have a private cert (like you just created a Microsoft CA) then you need to installed the cert path on the client (they have a screen for this under url/certsrv.) Ron Oglesby Senior Technical Architect RapidApp Office 312.372.7188 Mobile 815.325.7618 email roglesby@xxxxxxxxxxxx -----Original Message----- From: David E. Payne [mailto:DPayne@xxxxxxxxxx] Sent: Saturday, September 20, 2003 10:03 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] SSL Certs & WI Can anyone explain what the correct naming conventions are for SSL Certs in a standard installation of CSG and WI? And do you have to install the root certificate of a Private certificate on every client that connects to CSG? Thanks, -dave