The step I see missing is importing your CA certificate into your mozilla certificate database. What are the trust bits on the CA in that database.
bob Diplo wrote: > Hi, > i get an error, if i try to connect to my webserver with mozilla. the > webserver is secured with x.509-certificate. > On a Linux-machine i have an Certification Authority. On a > Win2k-computer i have an IIS5 running. i created a request with the IIS > and signed it on my CA as a server certificate. then i imported the > root-CA-certificate and the server certificate into my webserver. > Everything semms to be normal. I have no problems to connect to my > webserver with IE securely with SSL, but if i try to connect with > mozilla or netscape, i get an security error with any security libary. > Does anybody knows something about this problem? The CA works with > OpenSSL. Is there any attribute, wich needs a special value? I set the > following for server certificates: > basicConstraints = critical,CA:FALSE (also without this, it doesnt work) > extendedKeyUsage = serverAuth > > Carsten >
