Phil Tracy wrote:
> I'm running apache 1.3.6, mod_ssl 2.2.8 and openssl 0.9.2b. I have at least
> one user with a Netscape 3.04 browser who cannot connect to this server via SSL
> ("The security library has experienced a database error. You will probably be
> unable to connect to the site securely.") It works fine for me with Netscape
> 4.5 and 4.51. The user can get to the site fine with Internet Explorer 4.0,
> but Netscape 3.04 fails consistently.
Does your CA or server cert got a key larger than 1024 bit? The
3.xx-browsers are unable to recognize signatures produced by large
keys, I remember I got the "invalid signature"-error the time I
initially tested a 2048 bit CA.
If not, try for test purpose to recreate the security databases of the
Navigator by closing, renaming cert?.db and key?.db to *.old, remove
the sec*.db and sign*.db, and restart. <Warning> these files contain
not only public keys from servers and CA's, they also contain the user
certs, and it is pretty painfull/impossible to export/import them with
3.xx </Warning>.
Eckard
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
