I'm very frustrated trying to get a certificate to work on my
server. I don't care if it's signed by a CA or not. The DoD
PKI office signed one for me but I get errors when I try to use it.
I can view the CA's certificate with:
openssl x509 -noout -text -in ca.crt
but Apache complains with this:
Init: Unable to read server certificate from file
c:/apache/conf/853c.key (OpenSSL library error follows)
OpenSSL: error:0D09F007:asn1 encoding routines:d2i_x509:expecting an
asn1 sequence
Does that mean the CA can't sign a certificate OpenSSL will be happy
with? Do I
have to use Netscape's server?
Can I sign my own key file? I have the one I sent to the DoD PKI office
but I
can't find anywhere that tells me the OpenSSL command(s) to self sign a
certificate.
I've seen refereces to "Use the CA.pl that comes with OpenSSL" There is
not CA.PL
with the OpenSA distribution. <sigh>
Anyone have step-by-step instructions for self signing a certificate and
getting it to
work on NT with Apache?
Thanks
Tom Nunamaker
[EMAIL PROTECTED]
"Daniel S. Reichenbach" wrote:
>
> > Are there any plans for an OpenSA FAQ or something? I've had
> > an awful lot
> > of people seeing my mod_perl notes running searches on things
> > like ASP,
> > PHP, mod_*, EAPI, and my site carries nothing about these topics.
> Would be good, but i don`t have the time to do it right now. If
> someone volunteers, to start one...
>
> /me
> --
> Institut Ingenium GmbH http://www.ingenium.de/
> Daniel Reichenbach [EMAIL PROTECTED]
