A simple curl client call works with the hostname
It does not work with the ip address.
I trussed both the calls and they are using the right certificate from the
/etc/openssl/certs truststore
Which makes me think something is wrong with the openssl conf during the
cert generation.
I have
subjectAltName = IP:<ip address>
in the openssl conf file.
- Amol
On 09/20/11 11:49, Shawn Walker wrote:
On 09/19/11 18:04, Amol Chiplunkar wrote:
subjectAltName does not seem to work with the pkg command.
I tried with
subjectAltName = IP:<ip address>
in the openssl conf file to create the certificate
Also tried
subjectAltName_default = IP:<ip address>
Both these in combination with ServerAlias <ipaddress> for the Virtual
Host and without the alias as well.
It always generates Framework error: code: 51 reason: SSL: certificate
subject name '<hostname>' does not match target host name '<ip address>'
libcurl documentation states that: "Curl considers the server the
intended one when the Common Name field or a Subject Alternate Name
field in the certificate matches the host name in the URL to which you
told Curl to connect."
So this should work. Have you tried using the curl client to retrieve
things via SSL using this server? Does it give you the same errors?
-Shawn
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
