RE: how to generate an authoritive CA Certificate?

[Jose Correia (J)]

Hi there   There is nothing wrong with your certificate, the browser is correctly picking up that it isn't from a trusted source. If you were to import the certificate on to your client machine and add it on to the list of trusted certificates by your client machine, then that message will go away.   I personally, for testing purposes, just say ok when that message pops up, and proceed and proceed as normal.   Cheers Jose   -----Original Message----- From: zhaoxd [mailto:[EMAIL PROTECTED]] Sent: 10 September 2002 08:05 To: [EMAIL PROTECTED] Subject: how to generate an authoritive CA Certificate? hello,everybody:    Glad to talk to you!  I happen to be a learner,so,if I have some problems let you feel bad,patient to me,please!     When I constructed my web station through apache,I met with some problems!      I made the CA Certificate by myself,and issued a server.crt for my web server using this CA,but I found an unexpected warning happened when I tried to connect my apache server through MSIE&netscape.There is a warning message which says my certificate is not issued by Trusted CA.     I think the CA generated by myself must be have some problems.My question is:can guys make CA by themselves?     If so,the steps I generate my CA are:       1.create a RSA private key for my CA:         $openssl genrsa -des3 -out ca.key 1024     2.create a self-signed CA Certificate (X509 structure) with the RSA key of the CA.         $openssl req -new -x509 -day 365 -key ca.key -out ca.crt     3.sign the certificate of my server using sign.sh provided by mod_ssl/pkg.contrib/         $sign.sh server.csr     Then I got my server.crt issued by my CA Certificate.        Is there any problems during the process I generate CA?   Any help are appreciated!:)                                         zhaoxd