Ben, you have strayed innocently into new territory... Using VSD CA
generated certificates in browsers is not something I have tried. The VSD CA
is intended to produce certificates and keys for SSL authenticated
communication between VSD servers and clients - in this situation they never
come into contact with IE or Netscape. Having said that, it would obviously
benficial to have the VSD CA producing certificates that can be easily used
for HTTPS. You could even go the whole hog and use certifiate based
authentication for Qpopper (supported on version 4). I hacked quite a bit
out of the openssl.cnf supplied with freeVSD-1.4.8 (compare it to a standard
distribution openssl.cnf to see) and probably removed something which
Netscape would have liked. You need to identify which bits need to go back
in...
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Kennish
> Sent: 31 May 2001 17:03
> To: [EMAIL PROTECTED]
> Subject: HTTPS & OpenSSL
>
>
> I can't seem to set up HTTPS in of my test VS. I have compiled with the
> --with-openssl option.
>
> I have created a certificate for my host server (CA) with vsd-genca
> and one for my vs (vsone) using "vsd-ca_certadd vsone".
>
> But doing https://vsone.office.fubra/ doesn't seem to work (Network
> Error : I/O error with nutscrape.) I've checked through the default
> secure virtual host on the server and it seems OK. I don't get anything
> in Apache's error logs although I do get a few weird looking symbols in
> the access log!
>
> I've tried copying the .crt or .key files that are made on the host from
> vsd-ca_certadd to where Apache is looking for them on the VS but to no
> avail (same error.)
>
> netstat -nat shows that the VS is listening on both 443 and 8443 ports.
>
> Any ideas? Am I missing some vsdadm ca_certadd stuff?
>
> TIA,
>
> --
> Ben Kennish
>
> e: [EMAIL PROTECTED]
> w: www.fubra.com
