Topic: Certificate errors and Proxypass

[kevinb]

Hello everyone,

I redirected a https request to an internal server per the instructions inhttp://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass and now internal users (and external users, but I expected that) are getting domain name mismatch certificate errors when accessing the internal address.

https://internal.sme.org requests are being redirected by server.sme.org to the internal server internal.sme.org. The error is "attempted to connect with internal.sme.org however the certificate presented belongs to server.sme.org".

Anyone know how to work around this? Can I simply copy the certificate from server.sme.org to internal.sme.org? Would a global custom certificate on server.sme.org for "*.sme.org" work?

Thank you in advance for your help.

Kevin

[CharlieBrady]

Can I simply copy the certificate from server.sme.org to
internal.sme.org?

No.

Would a global custom certificate on server.sme.org for "*.sme.org" work?

Perhaps, for some browsers. A certificate with SubjectAltNames would be more likely to work. Creating one is non-trivial - google for howtos.