Certificate error: certificate subject does not match signing request subject
Hi - I'm trying to apply a certificate from StartCom/Startssl.com to my PFSense 2.0-RC1 (amd64) -built on Wed Mar 2 12:54:13 EST 2011 - instance.
I'm getting this error:
The certificate subject 'emailAddressfirstname.lastname@example.org, description=abc123xxxyyyzzz, OU=StartCom Free Certificate Member, O=Persona Not Validated, CN=host.domain.com, C=US' does not match the signing request subject.
#2 Updated by Erik Chow over 8 years ago
- File csr.txt csr.txt added
- File certificate.crt certificate.crt added
- File Intermediary_Certificate_2.crt Intermediary_Certificate_2.crt added
- File Intermediary_Certificate_1.crt Intermediary_Certificate_1.crt added
- File Root_Certificate.crt Root_Certificate.crt added
I am having the same issue. I tried to use a register.com SSL cert, which has intermediate CAs. Upon getting the cert from register.com, pfsense complains about "does not match the signing request subject".
My pfsense version info:
built on Sat Mar 26 00:18:39 EDT 2011
#3 Updated by Mark Laagland over 8 years ago
I can also confirm this issue.
built on Mon Mar 28 16:09:59 EDT 2011
The CSR (included) was signed using the CACert Class 1 root certificate. However, pfSense refuses the signed certificate. Getting
The certificate subject 'CN=stormfront-noord.int.storm.vu' does not match the signing request subject.
(CACert removes most fields, so pfSense is only complaining about the CN field)
CSR included. For obvious reasons, certificate not included.
#6 Updated by Ermal Luçi about 8 years ago
Possibly reading this link https://pkiwidgets.quovadisglobal.com/pkiwidgets/matchCertAndCSR.aspx the same procedure should be used form the GUI instead of pure text based matching?!