Re: a small problem about certificate

[Aditya]

this is because there is no root ca cert from which the cert was generated   import the root ca cert ( the ca will happliy porvide u one free of cost )   so that will solve your problem     ----- Original Message ----- From: zhaoxd To: [EMAIL PROTECTED] Sent: Monday, September 09, 2002 10:53 AM Subject: Re: a small problem about certificate Prasanth:   Thank you for your reply!:) But I still have some problems to consult you!           >>For this, did we try placing the Root CA certificate in the Apache Server.   My question is the Root CA certificate,which I used to generate by myself using such command:   openssl req -new -x509 -days 3650 -key ca.key -out ca.crt   then freely fill in some infomation such as(Country Name,State or Province Name,Locality Name,Organization Name,Organizational Unit Name,Common Name,Email Address). Can I generate the Root CA certificate by myself? Is it possible to get the Root CA certificate which generate by myself and is not obtained from a Trusted Third Party?           >>Installing the Root CA in the Client Browsers    Assuming I can generate the Root CA certificate by myself,I have installed the Root CA in the client Browsers.The warning message do still exist!When I look over the Root CA certificate in Tools-InternetOptions>Content->Certificates in MSIE, I find the information displaying about the certificate I just installed is:There is no adequate information to validate the certificate.   Thank you for your help! Zhaoxd        Zhaxod,   I beleive we are discussing about the warning pop-up which IE throws up informing the user that it could not confirm the webservers identity.   For this, did we try placing the Root CA certificate in the Apache Server. The Root CA certificate is the certificate which signed your WebServer Server Certificate.  This is required because SSL Server as a part of the handshake will pass its Certificate and the Root Certificate to the SSL Client (browser)   Also, I belive IE will verify the root certificate against its list of *Trusted Root Certification Authorities*(Tools->InternetOptions->Content->Certificates), if it doesnt find the root ca certificate here, It would pop-up a window informing the client that it was not completely able to verify the server. This I believe can be handled by (1) Installing the Root CA in the Client Browsers ( this is possible in Enterprise Scenario by the IS Admin's) (2) Obtain a Certificate from a Trusted Third Party.   I am also a newbie here, somebody correct me if I am wrong.   -Prasanth   ----- Original Message ----- From: zhaoxd To: [EMAIL PROTECTED] Sent: Monday, September 09, 2002 8:55 AM Subject: a small problem about certificate Hi,everybody:  Glad to talk to you!  I happen to be a learner,so,if I have some problems let you feel bad,patient to me,please!  I had some problems I cannot fully understand,when I contruct an apache server in my linux-7.2.To make it more secure for my consumers,I did use the openssl and mod_ssl module to ensure the data between my server and all clients was secure.Then,my clients could visit my server through https://myserverip/ using IE.  However,when the clients are trying to link my server,an unexpect problem happens.The IE pop up a window telling my clients the web station is not certificated.Surely,the certificate was issued by myself using openssl and mod_ssl in apache!It is still possible to visit my server for clients through https://(port:443) securely,but,I don't know how to make the certificate accepted by IE!  Can anybody help me?Should I have to obtain the certificate issued by authoritive certificating center and install the certificate in IE in order to solve the problem?  Thanks in advance for any reasonable replies!:)      yours friendly      zhaoxd