Web Server certificate question
Lou Picciano
loupicciano at comcast.net
Tue Mar 24 11:02:43 EDT 2015
Jim,
This is generally a constraint effected/controlled by the Certificate Authority. Generally speaking, the FQDN must match precisely the CN (Common Name) of the issued (sub-) certificate. You'd likely want to issue a server cert of the format myserver.JimsDomain.com. It's a common that a directly IP-addressed server would get choked on.
This is all controlled by the 'rules' your issuing CA builds into its signing process - as well as any you determine, if you're issuing your own certs - as we do.
Lou Picciano
----- Original Message -----
From: "Jim Pistrang" <jim at jpcr.com>
To: "Omnis List Mail" <omnisdev-en at lists.omnis-dev.com>
Sent: Tuesday, March 24, 2015 10:50:52 AM
Subject: Web Server certificate question
Hi all,
This isn't exactly an Omnis question, but it is related. Hope someone can help.
I have an Omnis Javascript application running on a client site. The app is running on a Mac OS X Server inside their firewall. The app can be run from outside their firewall via a secure port in their firewall. When I do this, the url looks like this:
<https://12.345.67.89:5922/rfMyApp.htm>
In the above example, 12.345.67.89 is the IP address of the firewall, and port 5922 is a secure port opened to the server. Apache is listening on this port.
This all works perfectly well, except that users get a warning saying that the site may not be secure. My client has asked that I purchase a trusted certificate for the site. I have done the following:
1) Gave the server a host name of jimsdomain.com
2) Registered jimsdomain.com and purchased a trusted certificate. [note: the domain name is not associated with an IP address]
3) Added the certificate in Server Manager on the server, and it shows up as valid
BUT - I still get warning messages in my browser when I access the app, since the url that I type in <https://12.345.67.89:5922/rfMyApp.htm> does not match the certificate name 'jimsdomain.com'
Is there a way to do this? Do I need to install a certificate on the firewall?
Jim
--
Jim Pistrang
JP Computer Resources
413-256-4569
<http://www.jpcr.com>
_____________________________________________________________
Manage your list subscriptions at http://lists.omnis-dev.com
More information about the omnisdev-en
mailing list