On Mon, Sep 21, 1998, Tim Hudson wrote:
> According to Ralf S. Engelschall:
> > > redback:/usr/local/httpd/etc/k# ./ca.sign server.csr
> > [...]
> > > error 7 at 0 depth lookup:certificate signature failure
> > Is the problem already solved or is it still present?
> > If it's still present I've no clue why it fails this way.
> You get this sort message if you do things like have the DN of the CA
> and the server the same - the lookup is done by name and finds the "wrong"
> certificate.
>
> You can also get the same problem if you overwrite the key file or use
> the wrong key file for the server.
>
> Together these are the two most common reasons for this "problem".
Oh, I see. Thanks for making it clear, Tim. These actually can be the reasons
why it failed for the user. But with the current `make certificate' approach
this should no longer occur (the defaults of the DN's are different in the
dialog). So I hope the user re-create his certs the new way now.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
