06-26-2015 05:48 AM - edited 03-17-2019 03:29 AM
Customer has CUPS 8.6 with Jabber 9.x. They got the CUP-XMPP signed by Verisign but when they try to get tomcat signed, Verisign is complaining about the DN being same as the CUP-XMPP CSR and cannot sign another certificate for same server. Has anyone seen this and know a workaround/fix? One fix could be going to another CA for tomcat but I would be surprised if that is what everyone had to do.
06-26-2015 06:04 AM
You can keep you hostname and create a Subject Alternative Name with the FQDN, that's when you generate a new CSR to get signed by an authority. I even took a picture for you!
06-26-2015 06:09 AM
I don't think there was an option to change this in CUPS 8.6. Regardless it will have same server name in both tomcat and xmpp CSR so the CA will not like it. Can you elaborate please? thanks
06-26-2015 06:14 AM
I forgot you asked for CUPS, I still suggest you to look for Subject Alternative Name:
https://supportforums.cisco.com/discussion/11469016/cups-and-subject-alternative-name-certificate
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: