> Are you able to post the certificate here? It sounds like the issue may be
> the
> key usage, or an entry in some other field - I've seen results like this
> if
> you don't have key agreement set, or some of the other fields mangled, or
> particular security settings enabled in your certificate.
Hi,
Please find attached the CA cert and the server cert.
I can successfully import the CA cert into IE, under Trusted Root
Certification Authorities.
If I download the server cert and open it from Windows (XP), it's
description says:
"This certification authority does not appear to be allowed to issue
certificates or cannot be used as an end-entity certificate."
Thank you,
BBR
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=RO, ST=Romania, O=ViitorPlus - Asociatia pentru Dezvoltare
Durabila, OU=Mailserver, CN=mail.viitorplus.ro/[EMAIL PROTECTED]
Validity
Not Before: Oct 13 11:05:36 2006 GMT
Not After : Oct 13 11:05:36 2007 GMT
Subject: C=RO, ST=Romania, L=Bucuresti, O=ViitorPlus - Asociatia pentru
Dezvoltare Durabila, OU=Mailserver, CN=mail.viitorplus.ro/[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:9d:fc:97:66:39:ea:e9:71:8f:ac:bc:61:6c:3c:
ea:22:c4:63:7b:5d:e0:30:90:36:0d:cb:e8:1a:fc:
94:c3:16:d2:3e:68:0a:28:7e:5b:f2:df:c1:26:db:
f9:7b:e7:ba:0c:db:ce:14:e1:7b:06:fc:de:84:f4:
c9:75:2e:2b:3c:59:35:77:2e:6f:69:86:f4:06:45:
b0:d0:d6:63:3c:f0:5a:e6:93:85:63:76:48:05:bc:
a4:f9:6c:c4:f2:46:52:b4:24:33:86:be:f7:8f:e3:
26:ac:c6:54:91:d0:22:90:ed:65:43:0f:ce:fd:3c:
0e:22:e2:a6:c6:3a:58:c9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
82:F6:EB:37:29:D0:01:77:69:9A:A6:D0:5B:96:1C:2B:11:56:BA:9B
X509v3 Authority Key Identifier:
keyid:B8:08:C2:8D:00:43:01:FD:1E:58:8C:6B:E2:4A:A2:93:EB:FC:50:0F
Signature Algorithm: sha1WithRSAEncryption
a4:ba:b4:28:8b:92:06:9d:a6:dc:e9:17:71:03:f8:51:52:a4:
da:62:86:ee:68:77:8f:e2:a7:cc:13:5e:91:a7:13:45:25:68:
37:4f:0b:01:5e:1c:5d:10:2b:6c:4b:7c:f7:0b:77:7a:f9:ea:
f7:8b:14:20:42:32:10:e5:12:9a:0a:f0:b9:fd:e1:bb:93:8d:
33:78:94:8a:d1:57:e7:25:d7:2b:d3:87:55:b2:95:48:5e:83:
f5:f9:fb:e4:1b:71:93:c4:0c:e4:e6:02:8a:c0:6f:44:bd:ed:
21:db:92:f0:ca:a3:c1:7e:d2:1f:6d:bd:92:09:7d:72:4b:a0:
f5:b0
-----BEGIN CERTIFICATE-----
MIIDczCCAtygAwIBAgIBATANBgkqhkiG9w0BAQUFADCBtjELMAkGA1UEBhMCUk8x
EDAOBgNVBAgTB1JvbWFuaWExOjA4BgNVBAoTMVZpaXRvclBsdXMgLSBBc29jaWF0
aWEgcGVudHJ1IERlenZvbHRhcmUgRHVyYWJpbGExEzARBgNVBAsTCk1haWxzZXJ2
ZXIxGzAZBgNVBAMTEm1haWwudmlpdG9ycGx1cy5ybzEnMCUGCSqGSIb3DQEJARYY
cG9zdG1hc3RlckB2aWl0b3JwbHVzLnJvMB4XDTA2MTAxMzExMDUzNloXDTA3MTAx
MzExMDUzNlowgcoxCzAJBgNVBAYTAlJPMRAwDgYDVQQIEwdSb21hbmlhMRIwEAYD
VQQHEwlCdWN1cmVzdGkxOjA4BgNVBAoTMVZpaXRvclBsdXMgLSBBc29jaWF0aWEg
cGVudHJ1IERlenZvbHRhcmUgRHVyYWJpbGExEzARBgNVBAsTCk1haWxzZXJ2ZXIx
GzAZBgNVBAMTEm1haWwudmlpdG9ycGx1cy5ybzEnMCUGCSqGSIb3DQEJARYYcG9z
dG1hc3RlckB2aWl0b3JwbHVzLnJvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQCd/JdmOerpcY+svGFsPOoixGN7XeAwkDYNy+ga/JTDFtI+aAooflvy38Em2/l7
57oM284U4XsG/N6E9Ml1Lis8WTV3Lm9phvQGRbDQ1mM88Frmk4VjdkgFvKT5bMTy
RlK0JDOGvveP4yasxlSR0CKQ7WVDD879PA4i4qbGOljJ+QIDAQABo3sweTAJBgNV
HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQUgvbrNynQAXdpmqbQW5YcKxFWupswHwYDVR0jBBgwFoAU
uAjCjQBDAf0eWIxr4kqik+v8UA8wDQYJKoZIhvcNAQEFBQADgYEApLq0KIuSBp2m
3OkXcQP4UVKk2mKG7mh3j+KnzBNekacTRSVoN08LAV4cXRArbEt89wt3evnq94sU
IEIyEOUSmgrwuf3hu5ONM3iUitFX5yXXK9OHVbKVSF6D9fn75Btxk8QM5OYCisBv
RL3tIduS8MqjwX7SH229kgl9ckug9bA=
-----END CERTIFICATE-----Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=RO, ST=Romania, O=ViitorPlus - Asociatia pentru Dezvoltare
Durabila, OU=Mailserver, CN=mail.viitorplus.ro/[EMAIL PROTECTED]
Validity
Not Before: Oct 13 11:04:32 2006 GMT
Not After : Oct 10 11:04:32 2016 GMT
Subject: C=RO, ST=Romania, O=ViitorPlus - Asociatia pentru Dezvoltare
Durabila, OU=Mailserver, CN=mail.viitorplus.ro/[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:e6:0e:73:93:1a:09:f0:ff:28:21:a4:81:47:25:
51:37:7d:92:d6:13:49:6d:e5:40:c3:9a:45:51:5c:
92:92:7c:cf:8c:77:28:36:91:d9:f5:07:8e:b1:a6:
2e:19:2b:a9:ae:19:df:37:8d:a1:7d:90:ce:0b:a0:
2c:75:66:10:50:eb:63:7a:96:5e:20:c4:05:e7:b3:
cb:3c:f0:cd:32:2a:54:fc:52:c0:7e:0d:7c:e8:ea:
14:1c:5d:5f:85:7a:b3:26:06:16:ca:64:c3:79:55:
6f:5d:69:a7:7d:e9:24:e4:e9:29:d0:ce:9e:ee:73:
06:d2:f6:c7:e2:52:d0:0a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
B8:08:C2:8D:00:43:01:FD:1E:58:8C:6B:E2:4A:A2:93:EB:FC:50:0F
X509v3 Authority Key Identifier:
keyid:B8:08:C2:8D:00:43:01:FD:1E:58:8C:6B:E2:4A:A2:93:EB:FC:50:0F
Signature Algorithm: sha1WithRSAEncryption
a7:5b:9e:c0:ab:ae:95:a9:93:1e:c8:10:41:9e:a9:f4:52:6c:
c6:b8:a1:71:ec:62:e7:71:2f:53:c8:e0:34:52:6e:ed:6f:a4:
50:86:78:ed:79:4c:41:bb:79:2a:b8:22:45:55:73:a6:63:66:
ca:2c:86:d1:80:eb:a8:5a:21:20:26:3b:05:e3:f3:07:01:6b:
e0:d7:16:ee:92:7a:1d:b6:ac:9d:de:78:3e:46:56:ae:9d:a5:
ac:ea:bb:5b:47:f0:8e:b4:62:7f:e8:7e:5a:aa:7f:49:8b:ba:
f2:77:bd:65:22:a6:1d:bf:3b:e1:4d:aa:dc:29:2a:5f:54:0d:
22:af
-----BEGIN CERTIFICATE-----
MIIDXzCCAsigAwIBAgIBADANBgkqhkiG9w0BAQUFADCBtjELMAkGA1UEBhMCUk8x
EDAOBgNVBAgTB1JvbWFuaWExOjA4BgNVBAoTMVZpaXRvclBsdXMgLSBBc29jaWF0
aWEgcGVudHJ1IERlenZvbHRhcmUgRHVyYWJpbGExEzARBgNVBAsTCk1haWxzZXJ2
ZXIxGzAZBgNVBAMTEm1haWwudmlpdG9ycGx1cy5ybzEnMCUGCSqGSIb3DQEJARYY
cG9zdG1hc3RlckB2aWl0b3JwbHVzLnJvMB4XDTA2MTAxMzExMDQzMloXDTE2MTAx
MDExMDQzMlowgbYxCzAJBgNVBAYTAlJPMRAwDgYDVQQIEwdSb21hbmlhMTowOAYD
VQQKEzFWaWl0b3JQbHVzIC0gQXNvY2lhdGlhIHBlbnRydSBEZXp2b2x0YXJlIER1
cmFiaWxhMRMwEQYDVQQLEwpNYWlsc2VydmVyMRswGQYDVQQDExJtYWlsLnZpaXRv
cnBsdXMucm8xJzAlBgkqhkiG9w0BCQEWGHBvc3RtYXN0ZXJAdmlpdG9ycGx1cy5y
bzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5g5zkxoJ8P8oIaSBRyVRN32S
1hNJbeVAw5pFUVySknzPjHcoNpHZ9QeOsaYuGSuprhnfN42hfZDOC6AsdWYQUOtj
epZeIMQF57PLPPDNMipU/FLAfg186OoUHF1fhXqzJgYWymTDeVVvXWmnfekk5Okp
0M6e7nMG0vbH4lLQCj8CAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFLgIwo0A
QwH9HliMa+JKopPr/FAPMB8GA1UdIwQYMBaAFLgIwo0AQwH9HliMa+JKopPr/FAP
MA0GCSqGSIb3DQEBBQUAA4GBAKdbnsCrrpWpkx7IEEGeqfRSbMa4oXHsYudxL1PI
4DRSbu1vpFCGeO15TEG7eSq4IkVVc6ZjZsoshtGA66haISAmOwXj8wcBa+DXFu6S
eh22rJ3eeD5GVq6dpazqu1tH8I60Yn/oflqqf0mLuvJ3vWUiph2/O+FNqtwpKl9U
DSKv
-----END CERTIFICATE-----
