locked
Invalid Certificate Subject Name RRS feed

  • Question

  • Hi,

    I've got a problem with the certificates when I check the server functionnality, I've got this error:

    Invalid Certificate Subject Name : Subject Name Found : CN=Administrateur, DC=MOCS, DC=local Expected Subject Name: mocs.mocs.local

    Failure [0xC3FC200D]

    I'm pretty new to the certificates stuff so I don't really know what to do

    I've installed a Certification Authority with a Web Server Model certificate for my server but this seems not to be working

    If someone could help me with this stuff

    Thank you very much
    Friday, May 18, 2007 1:19 PM

Answers

  • Some Windows certificate wizards (IIS for example) refer to the subject as common name.  If you run through the OCS certificate wizard (in the OCS Admin right click the server and select Certificates) it is labeled Subject Name.  No matter what you call it, the subject/common name has to match the FQDN of your OCS server (mocs.mocs.local in this case).  If they do not match, TLS will fail.  If you're just testing and don't really understand certificates I would recommend just using TCP until you have time to read more of the OCS documents that explain the certificate requirements.


    Z

    Friday, May 18, 2007 2:41 PM
    Moderator

All replies

  • Some Windows certificate wizards (IIS for example) refer to the subject as common name.  If you run through the OCS certificate wizard (in the OCS Admin right click the server and select Certificates) it is labeled Subject Name.  No matter what you call it, the subject/common name has to match the FQDN of your OCS server (mocs.mocs.local in this case).  If they do not match, TLS will fail.  If you're just testing and don't really understand certificates I would recommend just using TCP until you have time to read more of the OCS documents that explain the certificate requirements.


    Z

    Friday, May 18, 2007 2:41 PM
    Moderator
  • Thank you for the answer, I managed to make the certificate work on the server validation.

    However, I would really like to test it with TCP, but how do you do that ?
    It seems that when I try to connect to the server on one of my client computers, it returns me :
    "There was a problem veryfying the certificate from the server"

    I don't know where that problem comes from, but I doubt it could be from DNS as my client does not solve the name of the server when I try the nslookup command

    Any idea ?

    Thank you for the help
    Monday, May 21, 2007 3:37 PM
  • TCP doesn't utilize certificates. You cannot connect to OCS using TCP unless you explicitly configure it, typically on port 5060.

    Friday, May 25, 2007 5:27 PM