Hi Listusers, I have some problem with sslclient certificates. I'd like to issue some to logon on a webpage using modssl and SSLRequire directive.
Therefore I produced an sslclient certificate by hand using openssl. That one works. After that I changed the SSLClient.ext of openca cause I needed to delete some stuff cause the certificate bacame too big to install it on a smrtcard. So I deleted the nsCrlDistributionpoints. All the other keywords I build exactly as I did in my openssl.cnf for the working certificate. But when I giveout a certificate using openca now, it does not work. When I diff both - the working an the not working certificate - there is only one difference. The certificatePolicy. Now I was looking for a possibility to leave it out of my SSLCLient certificates ... but I was not successful. I tried some changes in loa.xml in the High-template that I am using when I request a certificate. But my changes did not work. Now that I am really tired I need to ask for help. Can anyone tell me, how I can configure the SSLClient extensions to not include the certificatePolicy? Thx in advance Jan Roesner [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
