Re: FAQ etc

Fri, 30 Jun 2000 10:39:11 -0700 

Actually, I created a test certificate last month but can't find the openssl
commands I used to do it.  When I use those old certificates I created, it
works (but the browsers complain of an expired certificate).

When I have the httpd.conf file point to the new ones, that's when I get
these errors.

Thanks for the help

Tom Nunamaker
[EMAIL PROTECTED]

At 6/30/00 02:53 PM, you wrote:
>Have you changed this line in your httpd.conf file:
>
>SSLCertificateFile "C:/Program Files/OpenSA/Apache/conf/ssl.crt/xxx.crt"
>
>It has to point at the  *.crt file that you have somewhere.
>
>joacim
>
>----- Original Message -----
>From: "Tom Nunamaker" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Friday, June 30, 2000 2:43 PM
>Subject: Re: FAQ etc
>
>
> > I'm very frustrated trying to get a certificate to work on my
> > server.  I don't care if it's signed by a CA or not.  The DoD
> > PKI office signed one for me but I get errors when I try to use it.
> > I can view the CA's certificate with:
> >
> > openssl x509 -noout -text -in ca.crt
> >
> > but Apache complains with this:
> >
> > Init: Unable to read server certificate from file
> > c:/apache/conf/853c.key (OpenSSL library error follows)
> > OpenSSL: error:0D09F007:asn1 encoding routines:d2i_x509:expecting an
> > asn1 sequence
> >
> >
> > Does that mean the CA can't sign a certificate OpenSSL will be happy
> > with?  Do I
> > have to use Netscape's server?
> >
> > Can I sign my own key file?  I have the one I sent to the DoD PKI office
> > but I
> > can't find anywhere that tells me the OpenSSL command(s) to self sign a
> > certificate.
> > I've seen refereces to "Use the CA.pl that comes with OpenSSL"  There is
> > not CA.PL
> > with the OpenSA distribution. <sigh>
> >
> > Anyone have step-by-step instructions for self signing a certificate and
> > getting it to
> > work on NT with Apache?
> >
> > Thanks
> >
> > Tom Nunamaker
> > [EMAIL PROTECTED]
> >
> >
> >
> >
> > "Daniel S. Reichenbach" wrote:
> > >
> > > > Are there any plans for an OpenSA FAQ or something?  I've had
> > > > an awful lot
> > > > of people seeing my mod_perl notes running searches on things
> > > > like ASP,
> > > > PHP, mod_*, EAPI, and my site carries nothing about these topics.
> > > Would be good, but i don`t have the time to do it right now. If
> > > someone volunteers, to start one...
> > >
> > > /me
> > > --
> > > Institut Ingenium GmbH
>http://www.ingenium.de/
> > > Daniel Reichenbach
>[EMAIL PROTECTED]

Reply via email to