RE: Certificate mismatch error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Is your certificate issued by an internal CA or someone like Verisign/Komodo etc?
I wonder if the Oracle DB connecting has the CA root certificate installed in their truststore. If they do, check the certificate chain for your site to make sure the intermediate is correctly set up.

Date: Tue, 26 Feb 2013 14:29:29 +0530
From: bijayant.mws@xxxxxxxxx
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] Certificate mismatch error

Hi Edward,

I just renewed the server certificate on the Apache webserver. Oracle DB is not in our scope, that was the message from client.

Thanks,
Bijayant Kumar


On Mon, Feb 25, 2013 at 7:31 PM, Edward Quick <edwardquick@xxxxxxxxxxx> wrote:
Could you clarify, when you say :

The Certificate was installed into a Wallet-Manager of the ORACLE-DB.
I need this Certificate for a communication between ORACLE-DB to the Webserver. 

Does that mean you are doing client certificate verification? 

Or are you just renewing the server certificate on your web server?

Date: Mon, 25 Feb 2013 18:34:21 +0530
From: bijayant.mws@xxxxxxxxx
To: users@xxxxxxxxxxxxxxxx
Subject: Re: Certificate mismatch error


Hi Edward,

Yes, the intermediate certs have been set up on the Apache server.

By any chance you know what else information can I ask from client to pin point their/DB problem?

Thanks & Regards,
Bijayant Kumar


On Sun, Feb 24, 2013 at 2:16 PM, Edward Quick <edwardquick@xxxxxxxxxxx> wrote:
Hi Bijayant,

You don't need another certificate if xyz.com is a subject alternate name of the primary certificate abc.com, so your understanding there is correct.
Is the intermediate certificate set up? 

Regards,
Edward.

Date: Sun, 24 Feb 2013 12:49:45 +0530
From: bijayant.mws@xxxxxxxxx
To: users@xxxxxxxxxxxxxxxx
Subject: Certificate mismatch error


Hello List,

I have an issue to connect SSL enabled site to Oracle database server. Let me explain you with an example here. 

My website name is abc.com and it has another name as well say xyz.com and that is listed in additional DNS name field of certificates. Primary name is abc.com only.

Now client is saying 

The Certificate was installed into a Wallet-Manager of the ORACLE-DB.
I need this Certificate for a communication between ORACLE-DB to the Webserver. When the ORACLE DB communicate with the the Webserve, the following error massage was created:
ORA-06512: at "SYS.UTL_HTTP", line 1029
ORA-29024: Certificate validation failure (-29273)
Now they are asking me to create a new certificate with the name xyz.com only. But as far as my knowledge goes, this should not create any issue as I have used both the name in my certificate and also I am not getting any error while browsing the website with either name.
Please correct me if I am wrong or any other pointer that will be helpful.



Thanks & Regards,
Bijayant Kumar






[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux