Ingo Kappler wrote: > > For secure mail connections I use a selfsigned certificate on the server, > created with openssl.
Here's the full story. The cert you sent me is neither self signed nor self issued. A self-signed cert is one whose signature can be verified using the public key found in the same certificate. When I use the RSA public key in the cert you sent me to decrypt the signature in that cert, the result is not a properly formatted PKCS#1 v1.5 signature block, so the signature does not verify. It is not a self signed cert, or its signature some some other algorithm than PKCS#1 v1.5. A self issued cert is one that identifies itself as being the certificate of its own issuer. To be a self issued cert, both of the following conditions must be true: Condition 1: the issuer name in the cert must be identically the same as the subject name in the cert, AND Condition 2: one of the following must be true: Condition 2a: The cert has no Authority Key Identifier extension, or Condition 2b: The cert has both an Authority Key Identifier extension and a Subject key identifier extension, and the two identifiers are the identical. An Authority Key identifier says, in effect, "my issuer has a subject key identifier with this value". Your cert meets condition 1, but not condition 2. Your cert contains both an authority key identifier extension and a subject key identifier extension, but the two identifiers are not equal. So, it appears that this cert is NOT its own issuer, because the subject key ID doesn't appear to match the authority key ID. A self issued cert should also be self signed. A self-signed cert should normally be self issued. If you want your cert to be both self signed and self identified, then you'll have to fix it to have these properties. > It works for my needs with netscape 6.2 and kmail and > other programs, except mozilla 1.0 and netscape 7. > I get an error message saying it couldn`t establish a secure connection for > the cert might be destroyed or not usable with error-code -8182. Right, Your cert apparently is not really self signed. The signature really does not verify using the public key in that same cert. Mozilla is now complaining about that. > What has changed? What has changed is that a new bug in mozilla causes mozilla to think that your cert IS self-issued, when it really isn't. Mozilla's check for a self-signed cert is not presently paying attention to the authority key identifier. It's ignoring condition 2. Since your certificate meets condition 1, mozilla now thinks your cert is self-issued, and therefore expects it to be self-signed, which it apparently isn't. When mozilla checks the signature on the cert with the cert's public key, it finds the signature is invalid, and so it complains. Mozilla treats the invalid signature error differently from most other cert errors. After most other cert errors, mozilla gives you the chance to accept the cert anyway and continue with SSL, storing the cert in your list of certs for trusted web servers, but when the certificate's signature is invalid, mozilla doesn't give you that option. That's certainly an inconsistency, and I think it's a bug. I have filed two new bugs against mozilla's security components for these two issues. http://bugzilla.mozilla.org/show_bug.cgi?id=157218 http://bugzilla.mozilla.org/show_bug.cgi?id=157224 In the meantime, you can change your cert so that it works with any version of mozilla or communicator. You could do any of the following: 1. issue your server a new cert that does not meet condition 1 of being self issued. In other words, issue a new cert that appears to have been issued by a cert with a different subject name, one that doesn't exist. That cert will behave exactly the same way with N7 that your old cert behaved with old versions of N6. or 2. issue your server a new cert that really is self-signed and really is self-issued. I don't know why your present certificate isn't really self signed. Since you made it with OpenSSL, you'll have to ask some OpenSSL folks what to do differently to be self signed. As for being self issued, I suggest you simply leave off the authority and subject key ID extensions from the cert. Either way, be sure you don't issue a new cert with the same issuer and serial number as you've used before. Be sure your new certs all have new and unique serial numbers. Otherwise, you'll run into more troubles. > Thanks Ingo -- Nelson B (Please don't reply to this email address. Please reply to the newsgroup.)
