Have you created your CA-Certificate with the steps in
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC29 ?
Then you have the certificate in the right format.
I don't know if it works under Linux/Unix if you call a certificate from a file-URL
(in Windump it doesn't), try to request it via http and the loadcacert.cgi (so that
the correct mime-type is transmitted). After that Netscape brings up a Window to
install the Certificate automatically and no password is required.
Here the installation process of the cert with pictures (but in german language):
Netscape 4: http://www.weisshuhn.de/security/ssl/netscape.html
Netscape 6: http://www.weisshuhn.de/security/ssl/ns6.html
GreetingX,
Alex
--- George Walsh <[EMAIL PROTECTED]> schrieb:
> Thanks for taking the trouble to respond to my apparent thick-mindedness, Alex!
>
> I pointed the URL to the actual test file containing the certificate: in this case
> file:///opt/apache/conf/ssl.crt/ca.crt.
>
> Then, I hit on the security icon and asked to import the certificate. It asks for a
> password(which I left blank) and then the name of the file - indicating an *.p12
>extension.
> However, it will only find the file without the extensio, of course. This suggests
>to me that
> some kind of conversion is necessary? If I ask to look for certificates accepted (in
>any
> category!) nothing shows except the commercial CAs.
>
> Can you provide me with a further step up?
> Maybe I need to go back and recreate the certificates in encryted form???
>
> Thanks, Alex.
>
> George
>
>
> Alex Pircher <[EMAIL PROTECTED]> wrote:
>
> >Can you provide the URL of loadcacert.cgi?
> >
> >If SSL is enabled the mime-type for certificates is ordinary correctly set in the
>httpd.conf.
> >So actually you don't need loadcacert.cgi, you just have to point your Browser to
>the URL of
> >the certificate. This worked for me without problems.
> >
> >GreetingX,
> > Alex
> >
> >> I prepared the CAs using the "make certificate TYPE=custom" option. Both the
>server and the
> CA
> >> files look fine to me and are in their proper pews.
> >> There were warnings about security depth being 0, but that is to be expected
>during the
> creation
> >> process.
> >>
> >> In the mod_ssl documentation the instruction asks that I 'fire up' Communicator
>and use the
> Perl
> >> script loadcacert.cgi in the pkg.contrib directory to load the CA into the
>browser.
> >>
> >> Then I have to 'walk through the dialog boxes'.
> >>
> >> Well, this is all too simple for me to comprehend. I can execute the script file
>and it
> assigns
> >> the x509 type, determines the length and prints out the certificate data, but
>that doesn't
> get
> >> into Communicator, so nothing really happens. How do I tie the script output into
> Communicator
> >> to trigger what should be happening?
> >>
> >> Or is there a more straightforward way???
> >>
> >> Thanks,
> >>
> >> George Walsh,
> >> Managing Director
> >> Travel Seewise Pacific Corp
> >>
> >> --
> >> George Walsh,
> >> Managing Director,
> >> Travel Seewise Pacific Corp
> >> Vancouver Canada
__________________________________________________________________
Do You Yahoo!?
Gesendet von Yahoo! Mail - http://mail.yahoo.de
