Hi, all
I use apache 1.3.12 + modssl 2.6.6 + openssl 0.9.5a now, we passed
all self test, then we buy crt file from VeriSign, but Palm's browser
can not browser our site, when I install it on IIS server, it can
work, I use openssl test the connection, I found the verify depth is
not same, below is the msg printed by openssl, anybody can tell me
what's wrong? thanks in advance.
///////////////////////////////////////////////////////////////////////
IIS msg
///////////////////////////////////////////////////////////////////////
Loading 'screen' into random state - done
CONNECTED(00000100)
depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Se
rver CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 Ver
iSign
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Fremont/O=OnceAgain Inc./OU=Independent Internet Soft
ware Vendor/OU=Terms of use at www.verisign.com/rpa (c)00/CN=www.onceagain.com
i:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Serve
r CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSi
gn
1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Serve
r CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSi
gn
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
..........................................
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Fremont/O=OnceAgain Inc./OU=Independent Internet S
oftware Vendor/OU=Terms of use at www.verisign.com/rpa (c)00/CN=www.onceagain.co
m
issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Ser
ver CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 Veri
Sign
---
No client certificate CA names sent
---
SSL handshake has read 2684 bytes and written 312 bytes
---
...................................
///////////////////////////////////////////////////////////////////////////////
apache + modssl msg
///////////////////////////////////////////////////////////////////////////////
Loading 'screen' into random state - done
CONNECTED(000000A8)
depth=0 /C=US/ST=California/L=Fremont/O=ONCEAGAIN INC./OU=INDEPENDENT INTERNET S
OFTWARE VENDOR/CN=WWW.ONCEAGAIN.COM
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=California/L=Fremont/O=ONCEAGAIN INC./OU=INDEPENDENT INTERNET S
OFTWARE VENDOR/CN=WWW.ONCEAGAIN.COM
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=California/L=Fremont/O=ONCEAGAIN INC./OU=INDEPENDENT INTERNET S
OFTWARE VENDOR/CN=WWW.ONCEAGAIN.COM
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=Fremont/O=ONCEAGAIN INC./OU=INDEPENDENT INTERNET SOFT
WARE VENDOR/CN=WWW.ONCEAGAIN.COM
i:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Serve
r CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSi
gn
---
Server certificate
-----BEGIN CERTIFICATE-----
...............................
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Fremont/O=ONCEAGAIN INC./OU=INDEPENDENT INTERNET S
OFTWARE VENDOR/CN=WWW.ONCEAGAIN.COM
issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Ser
ver CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 Veri
Sign
---
No client certificate CA names sent
---
SSL handshake has read 1944 bytes and written 320 bytes
---
Bye, Sincerely yours tjww.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
