M2Crypto SSL Check Error: Peer certificate subjectAltName does not match [Solved]
- Friday, March 10, 2017 By David Peter
Question: I’m stuck with M2crypto SSL check error while installing Webmin package on RHEL 5.5. Here’s the complete error message:
# yum install webmin File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Checker.py", line 88, in__call__ fieldName='subjectAltName') M2Crypto.SSL.Checker.WrongHost: Peer certificate subjectAltName does not match host, expected netix.dl.sourceforge.net, got DNS:mirrors.netix.net
How to solve this issue?
How to solve the error M2Crypto SSL Check Error: Peer certificate subjectAltName does not match?
It looks like RHEL 5.5 has an older version of M2crypto library. According to the bug report released in 2009, M2crypto package has a bug – where the M2crypto SSL certificate checker wrongly rejects certificates that has no host name mentioned in subjectAltName extension. Later, the bug was fixed and now the M2crypto package uses the certificate’s subject field, if subjectAltName does not contain host name. So the solution is to update M2crypto package before installing Webmin package.
# yum update m2crypto Loaded plugins: security Skipping security plugin, no data Setting up Update Process Resolving Dependencies Skipping security plugin, no data --> Running transaction check ---> Package m2crypto.x86_64 0:0.16-9.el5 set to be updated
Upon successful update of m2crypto, install webmin.
# yum install webmin Resolving Dependencies --> Running transaction check ---> Package webmin.noarch 0:1.831-1 set to be updated :::::::::::::::::::: Installing : webmin Webmin install complete. You can now login to https://gridfs.ctsf.cdac.org.in:10000/ as root with your root password. Installed: webmin.noarch 0:1.831-1 Complete!