certificate for SSL web connection?

Hongwei Li hongwei at wustl.edu
Thu Mar 15 16:46:54 UTC 2007 

Hi,

I have a fc5 system, kernel: 2.6.19-1.2288.fc5smp, httpd: 2.2.2-1.0
Basically, it run well. Now I try to force all web connections to go via SSL.
I tried 2 methods:

1. edit httpd.conf file, comment out line  Listen 80, then since ssl.conf is
there, only https://mydomain/ is allowed.

2. edit httpd.conf file, add the following:
<VirtualHost *:80>
        ServerName      mydomain
        Redirect        /       https://mydomain/
</VirtualHost>

then, restart service httpd.

Eitherway, when a user try to connect https://mydomain/ it shows a problem
about certificate.

In IE7, the message is:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
There is a problem with this website's security certificate.

The security certificate presented by this website was issued for a different
website's address.

Security certificate problems may indicate an attempt to fool you or intercept
any data you send to the server.

We recommend that you close this webpage and do not continue to this website.
  Click here to close this webpage.
  Continue to this website (not recommended).
     More information

If you arrived at this page by clicking a link, check the website address in
the address bar to be sure that it is the address you were expecting.
When going to a website with an address such as https://example.com, try
adding the 'www' to the address, https://www.example.com.
If you choose to ignore this error and continue, do not enter private
information into the website.

For more information, see "Certificate Errors" in Internet Explorer Help.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

Then, if I click "Continue to this website (not recommended).", then the web
site https://mydomain/ does show up and it seems that everything is working
under SSL connection. However, the IE7 shows a box Certificate Error next to
the address.  Clicking it shows: Mismatched Address
Clicking "View certificate" shows: Certificate Information
  Issued to: localhost.localdomain
  Issued by: localhost.localdomain
  Valid from 5/12/2006 to 5/12/2007

Even if I click Install Certificate... and follow the steps,
the wizard shows "import successful..."  but, it does not solve the error.

My question: can somebody explain why? how to handle this certificate issue?

Thanks!

Hongwei Li

More information about the fedora-list mailing list