I generated a ca-certificate, server-certificate and client-certificate using the guidelines of rabbitmq (https://www.rabbitmq.com/ssl.html#manual-certificate-generation)
But I keep getting an error Hostname mismatch when checking the certs with openssl s_server.
openssl s_server -accept 8443 -cert server_certificate.pem -key private_key.pem -CAfile ca_certificate.pem
openssl s_client -connect localhost:8443 -cert client_certificate -key private_key.pem -CAfile ca_certificate.pem -verify 8 -verify_hostname CN_NAME
RESULT:
Verify return code: 62 (Hostname mismatch)
When I read the hostnames, they both show the same..?
openssl x509 -in server_certificate -subject -noout
subject=CN = MyTestCA, O = server
openssl x509 -in client_certificate -subject -noout
subject=CN = MyTestCA, O = client
So I'm stuck why I'm getting the error 'Hostname mismatch'?
Error is due to using the same CN for the CA and server. Solved it by using another CN for the CA.