Carlo Marcelo Arenas Belon wrote:
>
> Juan Carlos Castro y Castro wrote:
> >
> > Hi! I just bought a Brazilian RH Linux distribution with Apache 1.3.3
> > and mod_ssl 2.0.something. When I follow the instructions to create my
> > own CA and sign the server certificate I just created, I get this in the
> > verification phase:
> >
> > error 7 at 0 depth lookup:certificate signature failure
>
> there is not a problem wit your distribution.. there is a strange "bug"
> on ssleay/openssl which doesn't allow the same values for a server.crt
> and a ca.crt
> so if you wan't to selfsigned your certify you need to change the values
> you are putting on both certicates
>
> i've learned this the difficult way.., should be on the FAQ, you could
> get a clue if you check the list archives
YES! It worked! THANK YOU! Now I stumbled on an ugly thing: while
Netscape issues me a warning and allows me to proceed until the
certificate expires, IE 3 disallows access altogether. Anyway I can hack
the Registry or something like that so IE3/4/5 users can go to my site?
Like, adding my phony CA to IE's list of CAs?
By the way, is there such hack to Netscape too?
Cya,
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
