Dr Hensen,
Perhaps my understanding is skewed of what I am trying
to do. Hope u dont mind me asking tons of questions..
I generated a certificate that was originated from
openssl and added a CA, ME to it. I getnerated my own
CA certificate too. I added it to my list of
authenticators in netscape by adding it
to the "bundle" - appears to be ok, it comes up as valid
in my list and upon connecting the fist time to netscape
the secure sockets seem in effect since the series of
expected pop-ups occurs asking me to accept the certificate
that I signed... :) OK, so far, then I get to last window
and it says clik button for "Finish" and when I do it
looks as though the server is going to present the
hello servlet, but instead pops up error dialog widget
that says "Netscape has encountered bad data from the server".
This is when I check my logs and get see that an ssl problem
occured.. As follows;
> 30/Oct/1999 07:52:33 00652] [info] Connection to child 7 established (server
> MyServer:443, client 111.xxx.111.xxx)
> [30/Oct/1999 07:52:33 00652] [error] SSL handshake failed (client
> 209.150.98.234, server MyServer:443) (OpenSSL library error follows)
> [30/Oct/1999 07:52:33 00652] [error] OpenSSL: error:14094410:SSL
> routines:SSL3_READ_BYTES:sslv3 alert handshake failure
>
>>
>> Am wondering if anyone is monitoring the list that may be able to
>> provide answers?????????????????????????????????????????????????
>> POSTED several questions concerning what I feel should be simple
>> questions to get answered and recieved ZERO replies... Wife says
>> I dont have bad breath so that is not the reason.. :) Just wondering
>> what is? THIRD POST! ANY replies appreciated, even flames!
>> Make your best shot count!
>>
>
>Well there's at least one reply I've seen.
>
>> I am trying to test a certificate using the following CMD;
>> ssltest -cert Mycertificate.p12
>> am gettin what looks to be a buch of errors, asfollows;
>
>The errors are because the input file is the wrong format. You can't
>feed a PKCS#12 file to ssltest. You first need to convert it to a PEM
>file using:
>
>openssl pkcs12 -in Mycertificate.p12 -out cert.pem -clcerts
>
>It will prompt you for the password you exported the PKCS#12 file with
>and a second password to protect the private key when its converted.
>You'll be prompted for the second password when you run ssltest.
>
>Steve.
>--
>Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
>Personal Email: [EMAIL PROTECTED]
>Senior crypto engineer, Celo Communications: http://www.celocom.com/
>Core developer of the OpenSSL project: http://www.openssl.org/
>Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>
>
>______________________________________________________________________
>OpenSSL Project http://www.openssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
>
----------------------------------------------------------------------
Joseph J. Schiavone Jr.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
