Repository Connection Certificate Problem

Hello bruno,

there is a tool that ships with Apache to create a certification for your
machine. I don't know the details but I assume you can google it.

Ralph

http://www.brunobraga.com.br/img/jazz/rtc_certificate_problem.png

"The certification host name does not match the server host name"

I have tried to set many host name's in my certificate...
How can I check that?
Is there a log that shows the values used in comparison?

bgbraga@gmail-dot-com.no-spam.invalid (bruno.braga) wrote in news:h25rih
$cbo$1@localhost.localdomain:

I have tried to set many host name's in my certificate...
How can I check that?
Is there a log that shows the values used in comparison?

Make sure you set the DNS name as a CN in the signer certificate (not the
one in your truststore) :)

--
Christophe Elek
Jazz L3
IBM Software Group - Rational

Christophe,

I have the same problem as bruno, upgrading from RTC 1.0.1 to RTC 2.
Can you explain why this problem is happening after the upgrade when RTC 1 was fine.
And can someone expalin how to fix it - step by step please.

Hello norricorp,

There was another post recently discussing upgrade issues and thet posted
to an article where this is described.

For question 3 - in order to get rid of the warning dialog, you must either
install a real (not self-signed) certificate or disable encryption and use
http rather than https. You can find more details at: http://jazz.net/jazzdocs/index.jsp?topic=/com.ibm.team.install.doc/topics/c_server_certificates.html

Thanks,
Craig Chaney
Jazz Server team


Ralph

Christophe,

I have the same problem as bruno, upgrading from RTC 1.0.1 to RTC 2.
Can you explain why this problem is happening after the upgrade when
RTC 1 was fine.
And can someone expalin how to fix it - step by step please.

Craig,
according to the docs that you refer to, you can create you own self signed cert as well.
"The ikeyman tool can help you create your own self-signed certificate identifying the host by its proper network name or you can request a certificate signed by a trusted certificate authority (CA). A self-signed certificate will require acceptance by the Team Concert client or web browser."
Having said that I have created a cert using the server name and changed server.xml. Still get the same problem.
Security has not been disabled in RTC 1.0, the certificate points to localhost yet that works fine with no errors.
Do you know RTC 2.0 is causing problems with the same setup?
Other than disable security, the only other answer to accept the cert on a per session basis which I would rather not do as it reflects badly on RTC and is just another barrier to upgrade.

norricorp wrote:

Craig,
according to the docs that you refer to, you can create you own self
signed cert as well.
"The ikeyman tool can help you create your own self-signed
certificate identifying the host by its proper network name or you
can request a certificate signed by a trusted certificate authority
(CA). A self-signed certificate will require acceptance by the Team
Concert client or web browser."
Having said that I have created a cert using the server name and
changed server.xml. Still get the same problem.
Security has not been disabled in RTC 1.0, the certificate points to
localhost yet that works fine with no errors.
Do you know RTC 2.0 is causing problems with the same setup?
Other than disable security, the only other answer to accept the cert
on a per session basis which I would rather not do as it reflects
badly on RTC and is just another barrier to upgrade.

This question was moved to a new thread titled "Security Certificates".
https://jazz.net/forums/viewtopic.php?t=5542

Thanks,
Craig Chaney
Jazz server team