I'm trying to create a wildcard certificate to use with some elasticsearch ECE systems and it's not working quite right yet. I found Fraser's blog at https://frasertweedale.github.io/blog-redhat/posts/2017-02-20-freeipa-wildcard-certs.html and followed the directions there. After installing the cert chain on my ES servers, when I connect over the web I'm getting an SSL_ERROR_BAD_CERT_DOMAIN error, even though the cert contains:
Subject Name Organization OUR.NET 201804300753 Common Name *.elastic.our.net Issuer Name Organization OUR.NET 201804300753 Common Name Certificate Authority Validity Not Before Tue, 07 Jun 2022 14:48:08 GMT Not After Fri, 07 Jun 2024 14:48:08 GMT Subject Alt Names DNS Name zsece01.our.net DNS Name zsece02.our.net DNS Name zsece013our.net : I've tried including elastic.our.net as an alt name too and it didn't prevent the error. What am I missing? -- Bret Wortman [email protected] _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
