Among other things, the web browser uses the Common Name or CN of both the issuer and issue to verify the identify of the web server to which it is communicating. If everything verifies, your browser knows the certificate is valid, and you'll never see this message. But if any of the details differ between the issuer and the certificate, your browser will provide you with an alert.

As we can see in the following image, the certificate presented to our browser shows that it was issued by "VMware VDM" and was issued to "VMware VDM":

This is of no help to us because not only does the CN of "VMware VDM" not match the host-name of our View Security server (which is view.tcpdump.com in our example) but the issuer, VMware VDM, is not listed in our browsers trusted root certificate authorities.

Until we correct these issues, we will continue to receive these notices unless suppressed by the configuration of our browser, or we install a valid certificate. In the following pages, we will install a new new certificate, but before we can do so, we must configure our system's environment.

Comments

Add New Search

anurdh65  - SSL certificate |13/08/2009 05:18:59 Very Nice information. My friend bought the SSL certificate from http://www.tucktail.com/ but i dont know whether it is firmware or not. Reply | Quote

thirt |22/08/2009 19:41:35 Hi anurdh65, I'm not sure what you mean by firmware. Can you elaborate a bit more for me? Thanks, Tom Reply | Quote

Rashid Iqbal  - OWA not working in vmware after configuring the ss |29/06/2010 08:53:01 I install the ssl certificate for OWA. before installing the ssl I can access the owa for email but after installing the ssl certicate and trying to access the email through https://test.abc.com/exchange. getting error: the page cannot be displayed. I am doing all this in VMWare virtual machine. kindly help me to sort out this issue. Regards, Rashid Reply | Quote

Siddharth |27/12/2011 10:57:50 Hi, Somehow I am not able to make this work Used a go daddy cert and downloaded it as a tomcat server certificate as Vmware support suggests All steps work find while importing the certificate Once security server services are restarted I see the server only listening on http://*:80 Any clues Reply | Quote

MrSanchez |02/03/2012 13:10:38 Hi, Had a problem with go daddy certs too. What you need to do is convert the PEM certificate (.crt, .cer) to PKCS#7 format as mentioned above. I used the following website www.sslshopper.com to convert. When converting there will be an option for Chain Certificate File, it says optional but had to choose my gd_intermediate.crt. Reply | Quote

MrSanchez |02/03/2012 13:29:08 Hi All, I also had a problem with the locked.properties file. Had to create it in notepad and VMware support had me add the following line: storetype=pkcs12. So my file ended up looking like this: clientHost=viewservername.com clientPort=443 clientProtocol=https keyfile=keys.p12 keypass=MY_PASS storetype=pkcs12 Hope it helps someone. Thanks to the people running this website, came in very handy. Hasta la vista! Reply | Quote

GMTX |26/04/2012 15:10:52 Just one thing to add about generating the keystore. If you want more than 1024 bit keys (and these days you do), add the -keysize parameter to the command that generates the store, for example: keytool -genkey -keyalg "RSA" -keysize 2048 -keystore keys.p12 -storetype pkcs12 -validity 360 Reply | Quote

Write comment
Name:
Email:	do not notifynotify
Website:
Title:
UBBCode:	-color-aquablackbluefuchsiagraygreenlimemaroonnavyolivepurpleredsilvertealwhiteyellow -size-tinysmallmediumlargehuge
	Please input the anti-spam code that you can read in the image.

!joomlacomment 4.0 Copyright (C) 2009 Compojoom.com . All rights reserved."