On Wed, Dec 15, 1999, Franky Van Liedekerke wrote:
> I created a server certificate with the CN=webmail.pandora.be, and in
> DNS this webmail.pandora.be is a CNAME.
> Now I created a virtualhost in apache with
> ServerName=webmail.pandora.be, but when I connect to the server, I get
> in my ssl_error logfile:
>
> ssl_error_log:[Wed Dec 15 03:19:14 1999] [error] mod_ssl: SSL handshake
> failed (client 209.227.16.35, server webmail.pandora.be:443) (OpenSSL
> library error follows)
> ssl_error_log:[Wed Dec 15 03:19:14 1999] [error] OpenSSL:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> [Hint: Subject CN in certificate not server name!?]
>
> Does this means that webmail.pandora.be should not be a CNAME?
No, that's just a _hint_ to a _possible_ reason for the problem. In your case
it looks more that your browser has some old informations about the
certificate cached. Clear the cache entries and retry.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
