Hi,
so in fact I tried with NS v2.0, 3.0 , MSIE 4.0 5.0, and it works fine with a
slf signed certificate . The only software which doesn't run with it is NS 4.06
and latter versions.
So what is the problem .... is the below solution is the right way ?
Thanks,
Emmanuel Poitier
On Thu, 29 Apr 1999, you wrote:
>Emmanuel_Poitier <[EMAIL PROTECTED]>:
>
>> so I'm new with open SSL , so explain me a bit about this :
>
>> I want to use apache SSL, so I create a CA authority, and I generated a key
>> file .pem and dummy certificate .pem for it, and changes some field in the
>> httpd.conf. It started, but when I want to access to the server with netscape,
>> it said : The certificate is not approved for the attempted operation.
>
>> So the dummy.pem certificate was created with below parameters :
>> req -new -x509 -key key.pem -out dummy.pem
>
>> So what is the problem ?
>
>You need a server certificate, not a CA authority. The current
>openssl.cnf default values make req produce a CA certificate.
>Copy it into a working directory, remove the line on extensions
>in the "[ req ]" section, and call openssl req with an additional
>"-config openssl.cnf" option. Then you should get a certificate
>that is accepted (after querying the user) at least by Netscape;
>I think Internet Explorer does not like self-signed certificates,
>so if you want to use it, you'll have to Explore[tm] things in more
>detail.
>______________________________________________________________________
>OpenSSL Project http://www.openssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
