Cliff, Here is what I did. Any ideas what I can do to quickly fix it?
On 1.3.24 I ran make certificate TYPE=custom, and sent the csr off to esign be signed, but not this time because I wanted to keep the keys esigned keys. Not so funny thing is that it is that ALL is well when I get there on MSIE browsers. ???? cd apache_1.3.26 cd ../../mod_ssl gunzip mod_ssl-2.8.10-1.3.26.tar.gz tar -vxf mod_ssl-2.8.10-1.3.26.tar cd mod_ssl-2.8.10-1.3.26 make clean less INSTALL # Read the INSTALL file cd ../../openssl/openssl-0.9.6b make clean # Used gcc. Gcc supports position independant code flag. ./Configure no-threads solaris-sparcv9-gcc -fPIC make make test cd ../../mm/mm-1.1.3 ./configure --disable-shared make cd ../../mod_ssl/mod_ssl-2.8.10-1.3.26 # --enable-rule=SHARED_CORE ./configure --with-apache=../../apache/apache_1.3.26 cd ../../apache/apache_1.3.26 env LIBS=/usr/lib/libC.so.5 CFLAGS=-fPIC SSL_BASE=../../openssl/openssl-0.9.6b ./configure --enable-module=ssl --enable-module=so --enable-shared=ssl --enable -module=rewrite --prefix=/opt/apache --runtimedir=/var/opt/apache --logfiledir=/ var/opt/apache make make install # ls -l ssl.crt total 548 lrwxrwxrwx 1 root root 19 Jul 1 17:16 0cf14d7d.0 -> snakeoil-ca-dsa.crt lrwxrwxrwx 1 root root 6 Jul 1 17:16 27c9619a.0 -> ca.crt lrwxrwxrwx 1 root root 16 Jul 1 17:16 5d8360e1.0 -> snakeoil-dsa.crt lrwxrwxrwx 1 root root 16 Jul 1 17:16 82ab5372.0 -> snakeoil-rsa.crt -rw-r--r-- 1 root root 1522 Feb 27 16:53 Makefile -rw-r--r-- 1 root root 1386 Feb 27 16:53 README.CRT lrwxrwxrwx 1 root root 10 Jul 1 17:16 c5f0b2a4.0 -> server.crt -r-------- 1 root root 242153 Feb 27 16:53 ca-bundle.crt -r-------- 1 root root 1318 Feb 27 16:54 ca.crt lrwxrwxrwx 1 root root 19 Jul 1 17:16 e52d41d0.0 -> snakeoil-ca-rsa.crt -r-------- 1 root root 1874 Feb 28 12:05 server.crt -r-------- 1 root root 1874 Feb 28 09:15 server.crt.esign -r-------- 1 root root 1298 Feb 27 16:54 server.crt.orig -r-------- 1 root root 1472 Feb 27 16:54 snakeoil-ca-dsa.crt -r-------- 1 root root 1192 Feb 27 16:53 snakeoil-ca-rsa.crt -r-------- 1 root root 1452 Feb 27 16:54 snakeoil-dsa.crt -r-------- 1 root root 1176 Feb 27 16:54 snakeoil-rsa.crt Cliff Woolley wrote: >On Mon, 15 Jul 2002, Christopher Welsh wrote: > > > >>The certificate was issued by a certificate authority that netscape >>6.2.3 does not recognize. >> >>Can anyone help? I need to resolve this quickly. I'm sure this was not >>happening before I upgraded to 1.3.26 with x.x.10 mod_ssl when the >>security alert came out. Perhaps I missed something when I performed a >>make install over the top of the old version. >> >> > >You seem to now be using an invalid (possibly self-signed?) server >certificate. Did you run "make certificate" by chance? You shouldn't >have. > >--Cliff > >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > > -- Christopher Welsh Barwon Regional Water Authority, Geelong Victoria, 3216 Voice: 03 52 262385, Mobile: 0409 562968 ********************************************************************************************* The information in this e-mail message and any files transmitted with it are confidential and/or privileged and are intended only for the use of the individual or entity to whom they are addressed. If you received this message in error please notify us immediately by telephone or return e-mail and delete all copies from your computer system, as your retention, distribution or copying of this message and files is strictly prohibited. It is the recipient's responsibility to check this message and files for viruses. *********************************************************************************************** ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]