On Fri, Nov 05, 1999, [EMAIL PROTECTED] wrote:
> I have a problem using a Global Server certificate from Versisign in conjunction
> with Apache (Apache 1.3.9, modssl 2.4.8, openssl 0.9.4).
>
> I applied for a Global Server certificate based on the Stronghold server as it was
> recommended on this mailing list. I got that certificate and was able to add it so
>that is is
> used when users load pages from the web server.
>
> Unfortunately, the browsers still don't recognize the CA. That's ok, because the
>intermediate
> certificate ist not yet configured. My problem is what do I have to do with this
>intermediate
> certificate? Pointing with SSLCertificateChainFile to a file containing the
>intermediate
> certificate results in an error message (Failed to configure CA certificate chain).
>I tried
> to add the whole ca-bundle.crt file to that file, but it didn't help.
Pointing SSLCertificateChainFile to the intermediate CA file is correct. If
you get an error I guess the CA file is not in PEM format or something else is
messed up. Use "openssl x509 -noout -text -in <file>" to make sure OpenSSL can
read the CA file.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
