On Tue, Apr 18, 2000 at 10:46:42AM -0500, John David Atkinson wrote:
> I have set up a CA and a webserver that I am trying to use for client authentication
>with MSIE. I have used xenroll.cab to generate keys and requests from the browser. I
>then sign the certs with my CA.sh script, but they do not seem to work. They are
>about 17 lines in length, whereas the length of the Verisign Digital ID is something
>like 42. Is there some sort of problem with the type of certs I am trying to generate?
It is really hard to guess about what might or might not be wrong with certs that
we've never seen, and don't know exactly what you did to create them. What you
really need to do is to check all stages of your CA app, see the F.A.Q list in
the mod_ssl manual to get an idea about how to perform and verify these steps
manually. Alternatively you might want to take a look at one of the openssl
based CA projects like OpenCA and pyCA.
On a general note, this kind of question would probably be more correct on
openssl-users instead.
vh
Mads Toftum
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
