I installed openssl 0.9.7c. I installed mod_ssl's PEM file where lynx can find it. [Howto verify: connection to https://www.ibm.com goes without any warning.]
Now I try to connect to https://mirbsd.bsdadvocacy.org:8890/active/cvsweb.cgi/src/etc/ (as mentined in one of [very unhelpful] openssl-setup advices). I get a prompt SSL error:unable to get local issuer certificate-Continue? (y) If I answer no: connection succeeds. End of story. If I answer yes: I'm presented with the same question again. a) Why? The trace shows "connection without TSL". Should not the prompt reflect the difference? Should not the difference be explained somewhere? b) If I answer yes: immediate segfault (in some non-trivial place, like inside fopen()) c) If I answer no: half of the page is loaded, then I get a segfault. d) And at the beginning of it all, the initial message is not very helpful either. As my correspondent with Mozilla found, this place *has* a certificate, but it is not chained to anything "standard", so is not "trusted". Cannot a different message to be shown? Very illiterate about SSL, Ilya P.S. README.sslcert is great! A lot of thanks! But maybe I will have something better up the sleeve - especially if the questions above are answered. ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
