At 11:07 PM 11/20/00 +0000, you wrote: >There should be either a load of trusted certificates in a single file >or a directory containing them. If you are using client authentication >then it may try to read the whole lot in. If one is corrupt then this >could be a problem. > >Actually now I look at the error message: > >error:0B067002:x509 certificate routines:X509_add_cert_file:system lib > >I can't find the relevant function in OpenSSL: does it give *exactly* >the same error? If so then I suggest you get the function to print out >the file it is trying to load when it gets the error and then examine >it. > >Alternatively try using the s_server utility as a test server to check >it works OK. > >Steve. >-- >Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ >Personal Email: [EMAIL PROTECTED] >Senior crypto engineer, Celo Communications: http://www.celocom.com/ >Core developer of the OpenSSL project: http://www.openssl.org/ >Business Email: [EMAIL PROTECTED] PGP key: via homepage. Thank you for your help. Prior to trying your suggestions this morning, I received a message from a Thawte rep asking if I had tried a test cert on the system. I had not tried a test cert, but I have now. Initially it failed just the way that the original cert had, but I decided to try several certificate types to see if that was the problem. It ended up working with the "Test X509v1 SSL Cert". For a website that doesn't need anything more than a "standard" SSL connection, does the X509v3 offer any more security or other differences above the x509v1? If deemed important to change to an X509v3 format, can OpenSSL handle it? Thanks again, Greg Dawson, President Visionary Website Creations, Inc. Post Office Box 905 Brandon, Florida 33509-0905 http://www.visionary-web.com/ [EMAIL PROTECTED] 813-661-7164 phone 801-459-4789 fax ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: SSL Certificate Installation Problem
Visionary Website Creations, Inc. Wed, 29 Nov 2000 07:42:14 -0800
- Re: SSL Certificate Installation Problem Visionary Website Creations, Inc.
- Re: SSL Certificate Installation Pr... Dr S N Henson
- Re: SSL Certificate Installatio... Visionary Website Creations, Inc.
- Re: SSL Certificate Install... Dr S N Henson
- Re: SSL Certificate Ins... Visionary Website Creations, Inc.
- Re: SSL Certificat... Dr S N Henson
- Re: SSL Certificate Installation Pr... Visionary Website Creations, Inc.
- Re: SSL Certificate Installatio... Dr S N Henson
