On Sun, Apr 09, 2000, verdelli christian wrote:
> I have configured my apache with mod_ssl, create my own CA certificate and a
> certificate for the web
> server , signed with my CA certificate.
> I try to connect with another machine using netscape 4.61 on the encripted
> port, and everithing works
> fine.
> I don't have installed my own certificate on the client , and when I connect
> to https it asks me If I want to
> trust the certificate ;
> the only thing I did was add this lines to httpd.conf
>
> Addtype application / x-cert .crt
> SSLCertificate /path/to/certificate
>
> I want to know how the server send the certficate to the client (which is
> then trusted by this) .
The client can only trust server certificates if it is able to verify
it. For this it needs the issuer/CA certificate. If it has not this CA
certificate (= your own CA certificate) the client cannot verify your
server certificate. So it is clear that it asks you to manually force
it to trust your server certificate with a popup dialog. That's all the
usual and expected behavior.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
