You have set your mod_ssl up correctly, however your browser is telling you that you did not pay from $100 to $1000 to one of the CA's listed as trusted by the vendor of your BROWSER.
To avoid the message, you need to store the certificate for the website in your browser's database of trusted CA's - in IE double click on the padlock - View the certificate, Install button, then explicitly save it to the Trusted Root Certification Authorities. Of course if/when you go public, you will not be able to ask the public to do this - at that point go get the cheapest certificate you can buy that comes from a company listed as trusted by all the browsers out there. I recommend Thawte because they're cheap, and so far, in my experience, have not cut any corners in verifying the legal status of the companies the certificates are for. look in the 'Trusted Root CA's' list on your browser to see all the CA's out there if you want to choose a CA. (I have no affiliation to thawte, other than as a satisfied client). Nisarg Rav wrote: >helo gurus, > >i'm new on this group. Plese guide me to solve my problem regarding openssl. > >I have successfully installed and configured Apache 1.3.23 + mod_ssl 2.8.7-1.3.23 and >openssl-0.9.6b. >I also get success in generating Certificate Authority ca.key and ca.crt and on basis >on that also able to creat www.virtualhost.cxm.crt properly. >even after starting apache these all is responding fine . > >But in my certificate i'm getting that " This certificate can not be verified upto >trusted certification authority. " > >As i have generated my ouw CA this is obvious but it there any way to remove this or >to remove the red cross sign from certificate ? > >Please guide me .. > >watiting for reply .. > >nisarg > >_____________________________________________________________ >Want a new web-based email account ? ---> http://www.firstlinux.net > >_____________________________________________________________ >Run a small business? Then you need professional email like [EMAIL PROTECTED] from >Everyone.net http://www.everyone.net?tag >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
