i new ssl , openssl. trying generate curl request using .cer file (without using -k or -insecure flags). after generating .pem file, tried issue post request following way: curl --cacert certificate.pem -xpost "https://server_ip:server_port?obj1=okay"
when use server ip address, error message: curl: (51) unable communicate securely peer: requested domain name not match server's certificate.
if use localhost.localdomain instead of server_ip, request generated correctly.
i understand ssl certificate can certify 1 hostname. there way change hostname server's ip address instead of localhost.localdomain?
thank you
if use localhost.localdomain instead of server_ip, request generated correctly.
you must access host using host name certificate has been issued for. there isn't of way around curl other use -insecure specified didn't want do.
i understand ssl certificate can certify 1 hostname.
most user agents, , browsers, support subject alternative names, lets specify many. browsers read first 100 sans. sans can support ip addresses.
is there way change hostname server's ip address instead of localhost.localdomain
usually done through dns. though, since looks trying use loopback, might able edit hosts file contain whatever name want point loopback address.
Comments
Post a Comment