I have created a chain of certificates as follows:
A Self signed CA certificate
A server certificate
A client certificate:
openssl genrsa -des3 -out client.key 4096
Client sign request:
openssl req -new -key client.key -out client.csr
I signed the CSR with my CA:
openssl x509 -req -days 365 -in client.csr -CA STCCA.crt -CAkey STCCA.key -set_serial 01 -out client.crt
I then exported the crt to pcks12:
openssl pkcs12 -export -in client.crt -out client.p12 -inkey client.key -name "Subversion"
I can import and use this certificate successfully using IE and Opera. This certificate fails for "unknown reasons" when I import with Firefox 1.0.7 and 1.5. I tried exporting the CA certificate just for the heck of it using the same command and this certificate imports correctly. What is going on? I suspected the certificate was broken until it worked in IE. Then I suspected the format was wrong until I exported the CA certificate the same way and it worked. Please bring some sanity to my crazy world. Thanks
Brian Fox
- Problems with FF cert that works on IE and Opera Brian_Fox
- Re: Problems with FF cert that works on IE and Ope... Dr. Stephen Henson
- RE: Problems with FF cert that works on IE and Ope... Andrew Teklemariam
- Re: Problems with FF cert that works on IE and... Kyle Hamilton
- Re: Problems with FF cert that works on IE and Ope... Brian_Fox
