Hello Owen, below some answers to your questions Thanks a lot for your time Regards
Dario Prester ----- Original Message ----- From: Owen Boyle <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, December 04, 2001 11:45 AM Subject: Re: R: Apache SSL doesn't work > Dario Prester wrote: > > > > I think that the generation/configuration of certificates should be OK. > > Anyway, I attached below an extract of the httpd.conf that I am using for > > SSL > > SSLCertificateFile /opt/apache/ssl/certs/server3.crt > > SSLCertificateKeyFile /opt/apache/ssl/private/server2.key > > SSLCertificateChainFile /opt/apache/ssl/certs/ca.crt > > I don't use the SSLCertificateChainFile directive myself so maybe it has > an effect that I'm unfamiliar with but... I am not familiar with it too. Howewer, I don't think that it caused that problem, because I've got the same problem without SSLCertificateChainFile > I do notice that your .crt and .key files have different file-stems > (i.e. "server3" and "server2"). Since the .crt file contains your public > key and the .key file contains your private key, they obviously have to > be part of a pair (i.e. generated at the same time). This may be the > case, but your filenames imply they might not be... You're right...I used the same key file to make more CRT files (for changing only the common name of certificate) So, server2.key and server3.crt are parts of the same key (public and private keys) despite on their names > Did you make server2.key and server3.crt in the same > certificate-generation process? (i.e. did you make the key first, then > make a certificate signing request (CSR) then make a crt? Yes, of course. Anyway, I am not familiar with random seeds. I used a simple text file as random seed. The file is random.rnd that is placed on the same directory of the private key file. > Rgds, > > Owen Boyle. > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
