Do a comparison against the openssl.cnf supplied with OpenSSL. If you
installed OpenSSL via RPM it will be in /etc/ssl/openssl.cnf, source
installation, /usr/local/etc/ssl/openssl.cnf. Let me know how you progress
as I am keen to get our SSL support completely solid.
Tim
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Kennish
> Sent: 04 June 2001 10:06
> To: [EMAIL PROTECTED]
> Subject: Re: HTTPS & OpenSSL
>
>
> "strayed?" - makes me sound like a lost sheep! ;-)
>
> Cheers for the info, Tim. Could you mail me the original openssl.cnf so
> that I could have a play with trying to get it to work?
>
> Thanks in advance,
>
> --
> Ben Kennish
>
> e: [EMAIL PROTECTED]
> w: www.fubra.com
>
>
> Tim Sellar wrote:
> >
> > Ben, you have strayed innocently into new territory... Using VSD CA
> > generated certificates in browsers is not something I have
> tried. The VSD CA
> > is intended to produce certificates and keys for SSL authenticated
> > communication between VSD servers and clients - in this
> situation they never
> > come into contact with IE or Netscape. Having said that, it
> would obviously
> > benficial to have the VSD CA producing certificates that can be
> easily used
> > for HTTPS. You could even go the whole hog and use certifiate based
> > authentication for Qpopper (supported on version 4). I hacked
> quite a bit
> > out of the openssl.cnf supplied with freeVSD-1.4.8 (compare it
> to a standard
> > distribution openssl.cnf to see) and probably removed something which
> > Netscape would have liked. You need to identify which bits need
> to go back
> > in...
> >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Kennish
> > > Sent: 31 May 2001 17:03
> > > To: [EMAIL PROTECTED]
> > > Subject: HTTPS & OpenSSL
> > >
> > >
> > > I can't seem to set up HTTPS in of my test VS. I have
> compiled with the
> > > --with-openssl option.
> > >
> > > I have created a certificate for my host server (CA) with vsd-genca
> > > and one for my vs (vsone) using "vsd-ca_certadd vsone".
> > >
> > > But doing https://vsone.office.fubra/ doesn't seem to work (Network
> > > Error : I/O error with nutscrape.) I've checked through the default
> > > secure virtual host on the server and it seems OK. I don't
> get anything
> > > in Apache's error logs although I do get a few weird looking
> symbols in
> > > the access log!
> > >
> > > I've tried copying the .crt or .key files that are made on
> the host from
> > > vsd-ca_certadd to where Apache is looking for them on the VS but to no
> > > avail (same error.)
> > >
> > > netstat -nat shows that the VS is listening on both 443 and
> 8443 ports.
> > >
> > > Any ideas? Am I missing some vsdadm ca_certadd stuff?
> > >
> > > TIA,
> > >
> > > --
> > > Ben Kennish
> > >
> > > e: [EMAIL PROTECTED]
> > > w: www.fubra.com
