<<On Fri, 5 May 2000 23:16:42 -0400, Forrest Aldrich <[EMAIL PROTECTED]> said:

> FWIW, I've had a weird (perhaps related) problem, only in the
> reverse.   After creating a certificate (ie: 'make certificate' in
> apache), I was unable to connect to the server from a Netscape
> 4.72 browser.  It only told me there was a decryption error in the
> apache logs.

I've had this problem with recent values of OpenSSL since last
November.  I haven't gotten around to playing with permutations of the
openssl.cnf file yet.  I tried my site certificate on various versions
of Netscape and Exploder, and all of them failed in a similar manner,
but `openssl s_client' worked just fine, and all the other clients
failed identically against `openssl s_server'.  I sent a note about
this to the OpenSSL mailing-list, and did not receive a single
relevant response.  (I guess they're not used to people who run their
own certificate authorities.)  [This is one of the areas in which my
job requires me to play with stuff which I would not use myself for
programming-freedom reasons.  At least we don't have to pay Jim Bidzos
for the privilege....]


Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
[EMAIL PROTECTED]  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to