Joey:
Actually, I had a different certificate previously installed
in netscape and the two certificates were colliding.
I really apprecaite your help though.
Thanks,
Neil.
Joey Wang wrote:
>
> Hi,
>
> I have seen the same problem once. I have generated the RAS certificate
> using mod_ssl's make certificate utility and choose NOT to encrypt the key,
> I got exactly the same problem. But if you choose to encrypt the key when
> runing mod_ssl's make certificate utility, you will be fine. If you do not
> want to encrypt the key, you can use openssl's CA utility to self-sign a
> cert (without key encryption). That should work too. Let me know if that
> helps.
>
> Joey
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Neil Aggarwal
> Sent: Tuesday, April 24, 2001 4:13 PM
> To: [EMAIL PROTECTED]
> Subject: Netscape give I/O Exception, IE OK
>
> Hello:
>
> This is really strange.
>
> I am using a test server certificate generated from mod SSL 2.8.2
> for apache 1.3.19 on a freshly installed Redhat 7.1 server.
> I used the stock openssl (OpenSSL 0.9.6-3) that came with the
> installation.
>
> If I connect to https://serverName using Internet Explorer,
> everything works fine. I get the dialog box that says that
> the certificate is not from a trusted authority and then
> when I hit OK, I get the apache test page.
>
> If I try it in Netscape, I get the dialog box about the
> certificate name check and then, when I hit continue,
> I get another dialog box that states:
> An I/O error occurred during security authorization.
> Please try your connection again.
>
> I can repeat this as many times as I like, but the exception
> always pops up.
>
> Here are some messages in the error_log:
> [Tue Apr 24 15:08:28 2001] [notice] Apache/1.3.19 (Unix) mod_jk
> mod_ssl/2.8.1 OpenSSL/0.9.6 configured -- resuming normal operations
> [Tue Apr 24 15:08:43 2001] [error] mod_ssl: SSL handshake failed (server
> www.JAMMConsulting.com:443, client 192.168.1.2) (OpenSSL library error
> follows)
> [Tue Apr 24 15:08:43 2001] [error] OpenSSL: error:0407106B:rsa
> routines:RSA_padding_check_PKCS1_type_2:block type is not 02
> [Tue Apr 24 15:08:43 2001] [error] OpenSSL: error:04065072:rsa
> routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
> [Tue Apr 24 15:08:43 2001] [error] OpenSSL: error:1408B076:SSL
> routines:SSL3_GET_CLIENT_KEY_EXCHANGE:bad rsa decrypt
>
> Does anyone know what this means and why it is occurring?
>
> Thanks,
> Neil.
>
> --
> Neil Aggarwal
> JAMM Consulting, Inc. -- (972) 612-6056, http://www.JAMMConsulting.com
> Custom Internet Development -- Java, JSP, servlets, databases
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
Neil Aggarwal
JAMM Consulting, Inc. -- (972) 612-6056, http://www.JAMMConsulting.com
Custom Internet Development -- Java, JSP, servlets, databases
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
