PGP client prompts error "presented a TLS certificate for a domain name which does not match"

book

Article ID: 157439

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption Encryption Management Server PGP SDK

Issue/Introduction

Full error message: Server Hostname.com presented a TLS certificate for a domain name which does not match (Aliasname.com)

Error : "presented a TLS certificate for a domain name which does not match"

Cause

This occurs if the hostname on the certificate do not match to the hostname in the PGP Stamp.

Resolution

 

If you get the below PGP ALERT
 
Server ‘abc.example.com’ presented a TLS certificate for a domain name which does not match (keys.example1.com).
 
Below are the steps to follow :
 
1.       Exit the PGPTray.exe by ‘Right Click’ on PGP Desktop/Symantec Encryption Desktop icon on the system tray.
2.       Click on Exit PGP Services. Open ‘Task Manager’ and look for the Process PGPTray.exe under the process tab.
 
For Windows 32bit follow the below :
1.       Go to Start, Run, and in the run box type in ‘regedit’
2.       Go to HKLM_Software/PGP Corporation/PGP
3.       In front of PGP Stamp - modify the Data from Hostname to Alias name Chang the PGP stamp to alias name (keys.example1.com) other than host name (abc.example.com).
 
For Windows 32bit follow the below :
1.       Go to Start, Run, and in the run box type in ‘regedit’
2.       Go to HKLM_Software/Wow6432node/PGP Corporation/PGP
3.       In front of PGP Stamp - modify the Data from Hostname to Alias name Chang the PGP stamp to alias name (keys.example1.com) other than host name (abc.example.com).
 
Note : If you have several user facing same problem, then you can run a script for Re- enrollment provided the sample Script for PGP re enrollment on Windows Registry Editor Version 5.00
 
Example :  
[HKEY_LOCAL_MACHINE\SOFTWARE\PGP Corporation\PGP]
"PGPSTAMP"="ovid=keys.example1.com&mail=*&admin=1"

Applies To

Windows 7 & Windows XP

PGP version 3.x