You are viewing limited content. For full access, please sign in.

Question

Question

SSL Host Name Does Not Match Certificate Host Name

Laserfiche WebLink
Updated November 13, 2019
asked on November 13, 2019

Hello Everyone!

I am horrible at IIS and certificates and was wondering if you guys would be able to give me some insights on what the fix for my issue is.

 

I am trying to setup weblink. I have everything setup internally and can access it inside the network. Externally is my issue. Our external link is https://lf.princeton-il.com/WebLink/Browse.aspx?cr=1 however we get the "The TLS/SSL host name does not match the host name in the X.509 certificate." 

 

This is where I get confused. I am assuming it has something in IIS not looking at the right cert or I have something misconfigured. On the server I have I used Let's Encrypt to get a cert for lf.princeton-il.com. Obviously internally the server name is something else. I only show that cert in there on under default website. Not sure if I need an internal one maybe? Any help would be appreciated!

 

Thanks for your help!

 

0 0

Replies

replied on November 13, 2019

This is not about the certificate for the web server. If it was a problem with that one, the browser would alert the user in the normal way (e.g. with the broken lock icon or an interstitial). This is referring to the certificate used to secure the connection between your WebLink server and the LFS server. I'm guessing that since LFS is inside the firewall and WebLink is outside, you are not using the same dns name for the server for which the certificate was issued. This is what the error is telling you. The hostname you use in the WebLink configuration page has to match the (or a) certificate that is used by LFS.

0 0
replied on November 13, 2019

Thanks for the reply. How would i find the cert the LFS used for the cert? 

0 0
replied on November 13, 2019

I expect you would use netsh, but I don't have specific instructions. If you haven't seen the documentation for how to set up the cert in the first place, you may find it helpful.

0 0
replied on November 13, 2019 Show version history

Stephen,

To expand on Brian's answer: if you have IIS installed on your internal server with LFS, you can check the certificate bound to port 443 in IIS. LFS uses the same cert. If you don't have IIS on the LFS machine, you can do the following:

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...