You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Richard S. Huntrods" <hu...@nucleus.com> on 2001/12/22 17:21:52 UTC
Re: What does it mean - \"Name on certificate does not match name of the
site\"
Pae wrote:
>It usually means that the name, e.g., Common Name, in your
>certificate and the name of your server, e.g., http server,
>where the certificate originated from don't match.
>
>How did you created the certificate? Ex, openssl?
>
>Pae
Pae,
Thank you for your assistance so far. I'm using the Java SDK "keytool"
tool to create the certificate. Here is an actual session with keytool.
My typing is in <> just for clarity. The <> contains either what I have
been typing, or a comment on what I was typing. All other text comes
from the keytool...
===
<keytool -genkey -alias tomcat -keyalg RSA -keystore /users/.keystore>
Enter keystore password: <password>
What is your first and last name?
[Unknown]: <Richard Huntrods>
What is the name of your organizational unit?
[Unknown]: <hci - I don't really know what to put here - I was putting
machine>
What is the name of your organization?
[Unknown]: <HCI - this is my company, not my domain>
What is the name of your City or Locality?
[Unknown]: <Calgary>
What is the name of your State or Province?
[Unknown]: <Alberta>
What is the two-letter country code for this unit?
[Unknown]: <CA - for Canada>
Is <CN=Richard Huntrods, OU=hci, O=HCI, L=Calgary, ST=AB, C=CA> Correct?
[no]:<yes>
Enter key password for <tomcat>
(RETURN if sam as keytore password): <RETURN>
===
That generates the keystore. Which one is "common name"?
Thanks again in advance for your assistance. Is there more
documentation on keytool that you know of? The "on line" help merely
lists the possible options, but does not tell you what they mean.
-Richard
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: What does it mean - \"Name on certificate does not match name of the site\"
Posted by Pae Choi <pa...@earthlink.net>.
The "CN" in the distinguished name is standing for "Common Name".
Pae
----- Original Message -----
From: "Richard S. Huntrods" <hu...@nucleus.com>
To: <to...@jakarta.apache.org>; <pa...@earthlink.net>
Sent: Saturday, December 22, 2001 8:21 AM
Subject: Re: What does it mean - \"Name on certificate does not match name
of the site\"
> Pae wrote:
>
> >It usually means that the name, e.g., Common Name, in your
> >certificate and the name of your server, e.g., http server,
> >where the certificate originated from don't match.
> >
> >How did you created the certificate? Ex, openssl?
> >
> >Pae
>
> Pae,
>
> Thank you for your assistance so far. I'm using the Java SDK "keytool"
> tool to create the certificate. Here is an actual session with keytool.
> My typing is in <> just for clarity. The <> contains either what I have
> been typing, or a comment on what I was typing. All other text comes
> from the keytool...
>
> ===
> <keytool -genkey -alias tomcat -keyalg RSA -keystore /users/.keystore>
>
> Enter keystore password: <password>
> What is your first and last name?
> [Unknown]: <Richard Huntrods>
> What is the name of your organizational unit?
> [Unknown]: <hci - I don't really know what to put here - I was putting
> machine>
> What is the name of your organization?
> [Unknown]: <HCI - this is my company, not my domain>
> What is the name of your City or Locality?
> [Unknown]: <Calgary>
> What is the name of your State or Province?
> [Unknown]: <Alberta>
> What is the two-letter country code for this unit?
> [Unknown]: <CA - for Canada>
> Is <CN=Richard Huntrods, OU=hci, O=HCI, L=Calgary, ST=AB, C=CA> Correct?
>
> [no]:<yes>
> Enter key password for <tomcat>
> (RETURN if sam as keytore password): <RETURN>
>
> ===
> That generates the keystore. Which one is "common name"?
>
> Thanks again in advance for your assistance. Is there more
> documentation on keytool that you know of? The "on line" help merely
> lists the possible options, but does not tell you what they mean.
>
> -Richard
>
>
>
>
>
>
>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>