Hi,
I have setup mod_ssl with Apache 1.3.4 on my web server according to the
instructions in the INSTALL file. I used a self-signed key with "make
certificate TYPE=custom" and it worked in lynx without a problem. Tests
in s_client showed a 1024 bit key. I then fired up the win95 machine and
tried to access the site using IE4 and it said it couldn't access it
because the key was signed by an unknown CA. This is understandable but
when I went to view certificate, the quality said "40 bit - Low" which
indicates that the key is low grade. Strange since s_client said 1024
bit. Furthermore, IE had no way to override the unknown CA problem so I
couldn't connect at all.
What I am wonder is 1) Is that an IE bug or a SSLEAY bug with the
seemingly different bitrates?
2) Can IE load an https site even if it is signed by an unknown (to it)
CA? Sorry if the last question is offtopic for this list but I couldn't
find anything in the manual or FAQ.
Thanks in advance,
Sahen
--
Shane Wegner: [EMAIL PROTECTED]
Tel: (604) 930-0530
Sysadmin, Continuum Systems: http://www.cm.nu
Personal website: http://www.cm.nu/~shane
Celine Dion Fan site: http://www.celine.nu/
PGP key: http://www.cm.nu/~shane/pgp.txt
ICQ UIN: 15706546
PGP signature
