[Cyberduck-trac] [Cyberduck] #6953: wildcard certificate problem with custom root CA

Thu Nov 8 14:16:01 CET 2012

#6953: wildcard certificate problem with custom root CA
-------------------------+----------------------
 Reporter:  Andre Kelpe  |         Owner:
     Type:  defect       |        Status:  new
 Priority:  normal       |     Milestone:
Component:  core         |       Version:  4.2.1
 Severity:  normal       |    Resolution:
 Keywords:               |  Architecture:
 Platform:  Windows 7    |
-------------------------+----------------------
Description changed by Andre Kelpe:

Old description:

> I am having a problem with wildcard certificates for webdav over https.
> Here is the current situation:
>
> I have a server, that uses SSL. The certificate used by the server is
> signed by our own internal root CA. I have installed this root CA in the
> certificate management on windows, following the documentation on
> http://windows.microsoft.com/is-IS/windows-vista/View-or-manage-your-
> certificates. After that, I verified, that IE trusts the certificate of
> my server signed with this root CA. This works, which means, the root CA
> is correctly installed. After that I tried it with cyberduck and it does
> not trust the server at all.
>
> After some googling around, I saw that cyberduck is written in java, so I
> went into the control panel and installed the root CA in the java
> configuration thing as well. This still has no effect. Cyberduck keeps on
> telling me, that the cert is not valid, while all other software trusts
> it. What am I doing wrong?

New description:

 I am having a problem with wildcard certificates for webdav over https.
 Here is the current situation:

 I have a server, that uses SSL. The certificate used by the server is
 signed by our own internal root CA. I have installed this root CA in the
 certificate management on windows, following the documentation on
 http://windows.microsoft.com/is-IS/windows-vista/View-or-manage-your-
 certificates. After that, I verified, that IE trusts the certificate of my
 server signed with this root CA. This works, which means, the root CA is
 correctly installed. After that I tried it with cyberduck and it does not
 trust the server at all.

 After some googling around, I saw that cyberduck is written in java, so I
 went into the control panel and installed the root CA in the java
 configuration thing as well. This still has no effect. Cyberduck keeps on
 telling me, that the cert is not valid, while all other software trusts
 it.

 The hostname of the server is something like foo.secure.example.com and
 the cert is valid for *.secure.example.com. As I said above, it works with
 other windows software, just not with cyberduck.

 What am I doing wrong?

--

-- 
Ticket URL: <http://trac.cyberduck.ch/ticket/6953#comment:1>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.