I need to create a Certificate Signing Request for the DoD Certificate
Authority. DoD uses a Netscape Certificate Server to manage and sign its
certificates.
To date, I have not been able to generate a CSR that is acceptable to the
Netscape Certificate Server. All requests are rejected with a "bad DER
encoding" error. While this may be an accurate error, I am beginning to
suspect that the problem may be a field that is required by the Netscape
Certificate Server but that is optional or not used by a commercial third-
party Certificate Authority, e.g. VeriSign, Thawte, CyberTrust, etc.
Currently, I'm using Apache/Stronghold rather than Apache/mod_ssl; however,
due to the common SSL ancestry, I'm hopeful that someone has had to address
this problem and can provide a solution to my problem.
I have not made any changes to any SSL configuration files. And, I have
only used the basic utilities to convert from the PEM formats used in an
Apache SSL environment to the DER formats used by Netscape.
Merton Campbell Crockett
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
