I would like to make a self-signed wild card cert and install the cert in my browser so that I don't get any scary warnings from the browser.
I created a self-signed wild card cert as follows: # openssl req -new -x509 -nodes -out networkguild.org.crt -keyout networkguild.org.key -days 1826 -subj "/C=US/ST=MD/O=Network Guild/CN=*.networkguild.org/[EMAIL PROTECTED]/" I then extracted the der form and stored it in a second .crt file: openssl x509 -inform PEM -outform DER -in networkguild.org.crt -out files/networkguild.org.crt I then simply pointed Mozilla at this file which is here: http://networkguild.org/sites/networkguild.org/files/networkguild.org.crt Mozilla dutifully offers to install the certificate without complaint. Unfortunately, when I access https://www.networkguild.org, it complains with the following error: Website Certified by an Unknown Authority Although it does give me the choice of accepting forever, but I shouldn't have to do this. When I click to accept here, I then get the next scary message: You have attempted to establish a connection with "networkguild.org". However, the security certificate presented belongs to "*.networkguild.org". It is possible, though unlikely, that someone may be trying to intercept your communications with this web site. However, and this was totally unexpected, IE doesn't complain at all. It found the certificate that I installed using Mozilla. Did I create my self-signed wild card cert properly? I must have done something partially correct for IE to accept it without warnings or errors. Michael Grant ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]
