Hi Stephan,
to sign your own certificate, you cannot use a plain server certificate. You
need a CA certificate, a certificate, which allows you to sign other
certificates. There are many different types of certificates, each serves
one ore more special purposes. A server certificate can only be used for
authenticating your server on the web. It is even bound to the name of the
server it is used for.
To get an official CA certificate may cost you a lot of money and may also
be an organisatorical nightmare, because you need to meet special
requirements from the root authority your certificate comes from. Maybe you
should just use your own "unofficial" CA Certificate, which is signed by
your own "unofficial" Root CA Certificate.
Good Luck
Stefan
-----Ursprüngliche Nachricht-----
Von: Stephan Martin [mailto:[EMAIL PROTECTED]]
Gesendet: Donnerstag, 1. Februar 2001 10:29
An: [EMAIL PROTECTED]
Betreff: client authentication
Hi all,
i've got a problem with client-authentication via ssl-client-certificates.
It's no problem to get it to work with my selfmade CA and
client-certificates signed by this CA.
But i would like to get an "official" server-certificate from thawte,
verisign,
or something like this. So i tried to use the server-certificate to sign
the client-request and to create client-certificates with my server-key
and not with the CA-key this way.
But it looks like this won't be possible, or i'm too stupid...
Has got anybody an idea if it's not possible, or what i have to look for ??
thanks...
stephan
--
t="\$_='for(\$i=-2;\$_=substr(\"2720ab25409d2500f82310a6272\",\$i+=2,3);)
.~.
/V\ [ [EMAIL PROTECTED] 0911.740 53-466 ]
/( )\
^ ~ ^ {\$_=\$i++%2?hex:oct;\$_=chr(\$_%(2**2*22));\$_=\$i?lc:{};print;
}';s/\( +\)|[.\/V~^\\\]+| {2,}|\\[\s+.+\s+\\]//g;eval \$_;"&&echo $t|perl
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
