Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: kevinb on September 23, 2009, 09:45:32 PM

Title: Certificate errors and Proxypass
Post by: kevinb on September 23, 2009, 09:45:32 PM: Hello everyone,

I redirected a https request to an internal server per the instructions inhttp://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass (http://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass) and now internal users (and external users, but I expected that) are getting domain name mismatch certificate errors when accessing the internal address.

https://internal.sme.org requests are being redirected by server.sme.org to the internal server internal.sme.org. The error is "attempted to connect with internal.sme.org however the certificate presented belongs to server.sme.org".

Anyone know how to work around this? Can I simply copy the certificate from server.sme.org to internal.sme.org? Would a global custom certificate on server.sme.org for "*.sme.org" work?

Thank you in advance for your help.

Kevin
Title: Re: Certificate errors and Proxypass
Post by: CharlieBrady on September 23, 2009, 11:21:28 PM: Quote from: kevinb on September 23, 2009, 09:45:32 PM
Can I simply copy the certificate from server.sme.org to
internal.sme.org?

No.

Quote
Would a global custom certificate on server.sme.org for "*.sme.org" work?

Perhaps, for some browsers. A certificate with SubjectAltNames would be more likely to work. Creating one is non-trivial - google for howtos.

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy | Terms and Policies