creating a ssl cert with stunnel

To: Debian User List <debian-user@lists.debian.org>
Subject: creating a ssl cert with stunnel
From: Adam Shand <larry@spack.org>
Date: Wed, 29 Nov 2000 15:56:50 -0800 (PST)
Message-id: <[🔎] Pine.LNX.4.21.0011291547430.1615-100000@heyzeus.spack.org>

i have stunnel installed and working to provide imap over ssl support but
the certificate it creates seems not to match my hostname.  when i run
fetchmail i get a warning (which is okay) but outlook won't connect at all
because of the mismatch.

it looks like the problem is with the cn attribute but i don't know how to
generate a cert with the correct info or actually what the requirements
for the cert to be accepted are.  fetchmail gives this error:

  fetchmail: Server CommonName mismatch: stunnel != maus.spack.org

the cert looks like this:

  maus(root)# openssl x509 -subject -dates -fingerprint -in stunnel.pem  
  subject=/O=spack.org/OU=maus/CN=stunnel/Email=root@maus.spack.org
  notBefore=Nov 29 23:33:02 2000 GMT
  notAfter=Nov 29 23:33:02 2001 GMT
  MD5 Fingerprint=0D:FB:44:49:7D:B1:8C:3A:4C:2C:9B:F3:7D:45:72:11

so i assume the problem is that the cn of the cert doesn't equal
maus.spack.org.  is this the standard for host certificates that the
common name attribute should equal the hostname?

thanks,
adam.

Reply to:

Follow-Ups:
- Re: creating a ssl cert with stunnel
  - From: Nate Amsden <aphro@aphroland.org>

Prev by Date: XFree 4 + Woody + DGA
Next by Date: Re: reccomended raid controller
Previous by thread: XFree 4 + Woody + DGA
Next by thread: Re: creating a ssl cert with stunnel
Index(es):
- Date
- Thread