Full_Name: Chris Grant Version: 2.4.6-1.3.9 OS: FreeBSD 3.2 Submission from: dsl7.corpcomm.net (204.153.162.107) When deciding to become your own root CA, if you enter in identical information for both your CA cert and your server cert, you will end up with this error in your logs: [Sat Oct 30 23:37:17 1999] [error] mod_ssl: SSL handshake failed (server www.labrat.com:443, client 204.153.162.107) (OpenSSL library error follows) [Sat Oct 30 23:37:17 1999] [error] OpenSSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject CN in certificate not server name!?] You will also get an error when generating the server.key file the first time, but you end up with a server.key, so you tend to ignore it. It ends in this: error 7 at 0 depth lookup:certificate signature failure The answer was found here: http://www.mail-archive.com/[email protected]/msg02081.html This really should go into the http://www.modssl.org/docs/2.4/ssl_faq.html (FAQ List) under 'How can I create and use my own Certificate Authority (CA)?' Awesome product! --Chris ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
