ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB2282241

An error occurs when you use the alias name from an LDAP client computer that is running Windows Vista or Windows Server 2008 to try to establish SSL connections to nodes that host the LDAP service

Consider the following scenario:

  • The Lightweight Directory Access Protocol (LDAP) directory service is hosted on many nodes behind a Network Load Balancing (NLB) server.
  • The nodes are protected by Secure Socket Layer (SSL) and are configured to use an alias name.
  • You try to establish SSL connections to the nodes by using the alias name of the LDAP client computer that is running Windows Vista or Windows Server 2008.

In this scenario, the operation fails, and you receive the following error message:

<Result value="800B010F">The certificate's CN name does not match the passed value.</Result>

Additionally, the following Error event is logged in the System log:

Event Type: Error
Event Source: Schannel
Event ID: 36884
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is server_name. The SSL connection request has failed. The attached data contains the server certificate.

There is a download that resolves this issue. See Hotfixes for details.
32-bit Download: Contact Microsoft
64-Bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB2282241.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts