Ed Eden wrote:
netscape doesn't like ra cert. IE works through.Do you enter the correct servername? It sounds silly but bluera is not bluera.r*. All browsers support searchdomains for DNS but not all browsers support this feature in their certificate verification.
Anyone else get this?
openca-0.9.1-RC7
openssl-0.9.7-stable-SNAP-20021201
I put the ca cert and the ra cert generated by the "openca init" initialization phase 1 and 3 into an apache web server. This has worked with previous version by the way. I then try to access the RA web server with netscape 4 and get "invalid cert" error. The apache logs have:
[Tue Dec 3 12:03:55 2002] [error] mod_ssl: SSL handshake failed (server bluera.rxxx.xxx.xxx:4443, client 11.11.11.11) (OpenSSL library error follows)
[Tue Dec 3 12:03:55 2002] [error] OpenSSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject CN in certificate not server name or identical to CA!?]
Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET comprehensive development tool, built to increase your productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
