> > On Wed, Mar 10, 1999, glin wrote:
> >
> > > Seems to me, according to the message, the certificate is corrupted or
> > > modified, or signed with a different private key from the ca's. Did you see
> > > this msg in the server's log? Or in the browser?
>
> Nothing appears in the log files but Netscape says: "The server's certificate has
> an invalid signature. You will not be able to connect to this site securely."
[skip]
> I first thought that it could happen because I used the server key unencrypted or
> because I left the challenge password blank. But then I tried encripted key and
> supplied the challenge password while making CSR, but nothing were changed. BTW,
> I entered all the fields in CA cert the same as in server CSR - could this be a
> reason?
I finally found that the problem was really caused by the equality of CA
certificate's and server certificate's identifying fields. I don't know why but this
ted to digital signature creation failure.
--
Anton Voronin | Ural Regional Center of FREEnet,
[EMAIL PROTECTED] | Southern Ural University, Chelyabinsk, Russia
http://www.urc.ac.ru/~anton | Programmer & System Administrator
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
