Query on Certificates

Hi,

Any idea , whether it is required to use the same name for server DNS and certificate Issued to? Is it mandatory?

like:

Server Name: webmethodstest.com
Issued to: wmtest.com

I don’t think Krishna. It should work.

Thanks,

Hi,

the server name should match the CommonName (CN) section of the Distinguished Name of the certificate request.

AT least Internet Explorer evaluates that and warns if this is not matching.

Regards,
Holger

Thanks Guys.

But few clients are able to connect to the system via https and only one client is not able to connect. When we tried internally through client tools, it’s working perfectly.

Client is using our publick key & username/pwd. He is not using any client certificates. Even our side we are not configured any client certificate for this client , we are authenticating this client using username and password.

Any idea on this.

Is there a way to accept both http and https calls? Also is there any way to allow only particular client without certificate?

Thanks

Hi Krishna,

your partner needs to add your intermediate certificates (not the server certificate itself) to his truststore.

HTTP und HTTPS are possible in parallel, but on different ports.

As far as I know it is not possible to allow dedicated clients without client certificate.
When using client certificates these need to be imported to the server and mapped to the appropriate user.

Regards,
Holger

Hi ,

this is depend on the CA , if the CA is Microsoft AD you can use below in the other option while creating the certificate or CSR

san:dns=servername.domin.com
this will make CommonName as your server name