[lgilmont]

Hi all,

We're running a gateway that communciate through XSR (in DMZ) we are interested in setting up AS2 connections. We've made all of our tests with the certificate provided with the product.

Now we are tempting to go live but before we need to buy an SSL certificate. We created the CSR with openssl (on Windows) and we submit it to Verisign. But Verisign is coming back to us because we did create the CSR with our domain name and it seems incorrect. What they need to know is the name used in the communcation:

o Is it the IP address (192.xx.xx.xx)
o Is it the Netbios name (gemma.xx.xx)
o Is it the DNS name (still to define: e.g. axgwy.xx.xx)
o Or another name

Any help on this subject would be useful, this is the first time we buy a certificate for this kind of soft and the process is not really clear.

Thanks for your help/

[Samir KHERZI]

Hi,

Usually it's the Fully Qualified Domain Name (FQDN), but not necessary.

With << openssl req >> When you are prompted to enter the Common Name, then enter the FQDN.

For example:
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]: My State
Locality Name (eg, city) []:My City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
Organizational Unit Name (eg, section) []:My Unit
Common Name (eg, YOUR name) []:as2gateway.mycompany.com
Email Address []:admin@mycompany.com

where as2gateway.mycompany.com is your FQDN.

I hope it helps.

- Samir

[lgilmont]

HI,

Thanks for the response, really helpfull.

Does that name must correspond to the host name in any way?

Ex.: Machine name: GEMMA

do the FQDN be GEMMA.mycompany.com

or could it be AS2GWY.mycompany.com

Regards.

[Samir KHERZI]

I think it can be different that the machine name.