Dario Prester wrote: > > I think that the generation/configuration of certificates should be OK. > Anyway, I attached below an extract of the httpd.conf that I am using for > SSL > SSLCertificateFile /opt/apache/ssl/certs/server3.crt > SSLCertificateKeyFile /opt/apache/ssl/private/server2.key > SSLCertificateChainFile /opt/apache/ssl/certs/ca.crt
I don't use the SSLCertificateChainFile directive myself so maybe it has an effect that I'm unfamiliar with but... I do notice that your .crt and .key files have different file-stems (i.e. "server3" and "server2"). Since the .crt file contains your public key and the .key file contains your private key, they obviously have to be part of a pair (i.e. generated at the same time). This may be the case, but your filenames imply they might not be... Did you make server2.key and server3.crt in the same certificate-generation process? (i.e. did you make the key first, then make a certificate signing request (CSR) then make a crt? Rgds, Owen Boyle. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
