• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

SSL certificate error for hostname mismatch?

 
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I'm new to SSL, and I want this to work without any pop-ups about bad certificates, using pure socket programming.

Right now, I have to deploy a single self-signed SSL certificate to several hundred systems (set A) and then store them as trusted certificates on another several hundred systems (set B) that are paired up. For a gazillion reasons due to maintenance budget, project budget, and this being on our internal mostly-secure network, we're going to use the same SSL certificate for every A-B server pair.

Sooooo, this means that the "common name" or "dn" or whatever won't have the fully qualified hostname (myserverA1.mycomp.com) because the same cert is on multiple servers. I heard that sometimes there'll be a pop-up on some systems stating the server name in the cert doesn't match the server's actual hostname, or whatever.

The server side is a Java program. The client side is a C program. Using SSL sockets. Will there be a problem? If so, how hard is it to write a script to change that common name in the cert for each server? I'm on a tight timeline and this isn't some hugely robust enteprise-grade app. It just needs to do a simple LDAP relay between the LDAP server and the client.

Thanks!

 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic