Netscape Password Protected Certs Fail with Apache

Thu, 1 Jul 1999 07:14:21 -0700 

If I protect my certificates in Netscape with a password, when I enter the
password, the request hangs until it times out (this actually doesn't happen
every time, but most times).  If I requery (and the password has been
entered), the request goes through fine.  If the certificates are not
protected, everything works fine.

We're still having double-prompting Netscape problems as well, but...  This
is another problem we're exploring.

Ideas?  Thanks - H
~
Howard Uman - [EMAIL PROTECTED]
Netegrity, Inc., 245 Winter St., Waltham, MA  02451
TEL: (781) 890-1700 x225 FAX: (781) 487-7791

                                LET'S GO CAPS!



> -----Original Message-----
> From: Dmitry Morozovsky [mailto:[EMAIL PROTECTED]]
> Sent: Monday, June 28, 1999 1:26 PM
> To: [EMAIL PROTECTED]
> Subject: Signing external certs with local CA
> 
> 
> Hello there,
> 
> I've set up local CA for internal use within our company. 
> (together with
> Apache/mod-ssl, surely)
> 
> Now i've starring at the very special problem: when user already have
> personal cert from one of master CA, it seems to be "Right 
> Thing" to use
> this cert for authorization instead of making another local user
> certificate. As I understand, the best way to use it -- sign 
> existing cert
> with local CA. Am I wrong at this stage?
> 
> If not, where am I wrong in the following process:
> 1. check user cert with apache against master CA bundle (worked)
> 2. export user cert data in pem format (done, x509 -text 
> tells content of
> the cert)
> 3. sign cert. this is problem point. trying to
>       x509 -x509toreq -signkey marck.crt -in marck.crt -out new.pem
> leads to:
> Getting request Private Key
> unable to load Private Key
> 
> Thank you in advance.
> 
> 
> Sincerely,
> D.Marck                                   [DM5020, 
> DM268-RIPE, DM3-RIPN]
> --------------------------------------------------------------
> ----------
> *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- 
> [EMAIL PROTECTED] ***
> --------------------------------------------------------------
> ----------
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
> 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to