SugarCRM on https

[Rajesh Patel]

I am using xampp1.7 and sugarcrm5.2j on linux.Xampp come with inbuild SSL. I Have done all the settings in httpd-ssl.conf file. Port 443 is listening.I am using Openssl for secure login.
But when i am login into sugarcrm it give me eror

The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.

and when i restart the apache the log file of apache contains

RSA certificate CommanName (CN) 'IP address' doest not match server name

Please reply..

[mvngti]

You need to purchase a valid signed certificate from a Certification Authority such as Verisig, rapidssl etc.

This is not a sugarcrm or xamp issue, it is true for ALL ssl enabled websites.

M

[Rajesh Patel]

If i used OpenSSL then is ther any problem?

[salesagility]

You should try the openssl forums for assistance ... this is not a sugarcrm issue

[snikwahj]

I am using xampp1.7 and sugarcrm5.2j on linux.Xampp come with inbuild SSL. I Have done all the settings in httpd-ssl.conf file. Port 443 is listening.I am using Openssl for secure login.
But when i am login into sugarcrm it give me eror

The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.

and when i restart the apache the log file of apache contains

RSA certificate CommanName (CN) 'IP address' doest not match server name

Please reply..

Rajesh,

It looks to me like you have it set up OK using OpenSSL. The error messages you have quoted are presented by your browser not the back end server. Your browser is warning you that the security certificate that the site (your SugarCRM install) is using is not one purchased from a recognised seller. This is quite correct as you are using a self-generated certificate created by your OpenSSL settings. Given the info here it looks to me like these are OK and the SugarCRM install is correctly attempting to use the self-generated certificate. I think that the message in the Apache logs are a warning to the same effect.

I would think that, providing you are confident that the certificate is created by your OpenSSL settings and is not a harmful third-party hijack, all you need to do is create an exception in your browser to bypass the check of validity for this particular certificate. I use Firefox (IE does not work well on Linux!!) and that presents a link at the bottom of the warning message allowing me to create an exception with a couple of acceptance clicks. I needed to do this for a customers hosted SugarCRM site which was sharing a certificate with their customer facing web site.

If you cannot see a link to create an exception then you might try looking through the settings for your choice of browser to see how to create one.

Of course, bear in mind that you need to be confident that it is your certificate that is in use but if you have set up OpenSSL to build all the necessary stuff for you then it is likely that this is the case for you.

HTH,

JH.

[Rajesh Patel]

Snikwahj,

Thanks for replying, i have to create exception on the server if correct then how do i create an exception.

[snikwahj]

Rajesh,

You need to create an exception in your browser (Firefox or IE etc.) not on the server. It is the browser that is preventing you from accessing a secure site which is using an invalid certificate. Try the steps in one of these:

http://oasis.fh-offenburg.de/exception.html

http://forum.synology.com/enu/viewto...p?f=19&t=10103

http://www.sammc.amedd.army.mil/refi..._exception.asp

depending on which browser you are using.

If the error you are seeing is not the same as these then it may be a different issue but from what you have said it sounds the same.

Thanks,

JH.