Hi, I try to create SSL certificate for server in local network .
Computer’s name is comp1
Domain’s name is dom1.local
One thing I do not understand:
Typing just name in browser is fine, one can reach the server.
Typing comp1.dom1.local yields host unreachable.
The question: which name use as common name while creating certificates?
I know that cert should be max 1 year valid but I still get:
NET::ERR_CERT_COMMON_NAME_INVALID
when going to the server with cert installed in the browser as root authority.
Hier is command line I use to create the cert:
Hmmm, afaik this means that “common name” that certificate has, that the server served does not match the Host name that browser requested. They need to look exactly the same - there’s no automatic domain-y searchintans guessing or short name expansion being done.
IME, using FQDN in the cert and FQDN in the browser is the least headache-y option.
So, comp1.dom1.local in /etc/hosts, in cert, and in your http config.
The root SSL certificate can now be used to issue a certificate specifically for your local development environment located at localhost . Create a new OpenSSL configuration file server.