You've probably already checked this, but there are two places to put the
ServerName, once at the top of httpd.conf, and then again inside the SSL
VirtualHost block. Are they both the same, and do they match the CN for
the certificate?
At 12:01 AM 8/9/99, you wrote:
> I'm trying to get mod_ssl running. I'm using NetBSD 1.3.3, Apache
>1.3.6, and Openssl 0.9.3a. It works for regular connections, but
>doesn't work for secure connections. When I try to make an https with
>Communictor 4.61, it says that the server's certificate is invalid, so
>I can't make a secure connection, and this is what is recorded in the
>log file:
>
>[Sun Aug 8 19:28:29 1999] [error] mod_ssl: SSL handshake failed (client
>204.174.230.6, server www.fibrenet.com:443) (OpenSSL library error follows)
>[Sun Aug 8 19:28:29 1999] [error] OpenSSL: error:0B07C065:x509 certificate
>routines:X509_STORE_add_cert:cert already in hash table
>[Sun Aug 8 19:28:29 1999] [error] OpenSSL: error:14094412:SSL
>routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject CN in
>certificate not server name!?]
>
>I generated the certificate using "make certificate" in the Apache src
>directory and copied it into place. The CN in the certificate does
>match the server name, and the server didn't complain about a mismatch
>at startup.
>______________________________________________________________________
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
