Error: what do you think about?

1999-05-28 Thread Fabrizio Pivari
I've installad on my Solaris 7 OpenSSL 0.9.3 Apache 1.3.6 mod_ssl 2.3 All work fine. I've read FAQ chapter 6 I've made step Ok, I've got my server installed and want to create a real SSL server Certificate for it. How do I do it? and step How can I create and use my own Certificate Authority (CA)

Re: Error: what do you think about?

1999-05-28 Thread Fabrizio Pivari
>With the last command >$ ./sign.sh server.csr > >this is the error message: >error 7 at 0 depth lookup:certificate signature failure I've solved the problem: it doesn't agree that the data of ca and server are the same! Ciao Fabrizio __ Ge

Client Authentication and Access Control

1999-05-31 Thread Fabrizio Pivari
I've read the mod_ssl documentation about Client Authentication and Access Control part. I've found this part very interesting and I'd like to test it. Could you explain me the OpenSSL commands to create client certificates signed by my CA certificate? I've already created my CA certificate, usin

Re: Client- Authentication with mod_ssl

1999-06-08 Thread Fabrizio Pivari
>A client certificate is built in five steps. >1. Generate a public/private key pair >2. Generate a certificate request with you public key >3. Have your request signed by a CA >4. Merge your private key and the signed certificate into a pkcs12 file >5. Import this into your browser > >openssl pr

Re: Client- Authentication with mod_ssl

1999-06-09 Thread Fabrizio Pivari
>Oops: It should of course be: >openssl pkcs12 -export -inkey my.key -in my.crt -out my.p12 -name "My Name" Thanks for your help It works great! I've imported the certificate from Netscape 4.6 and IE 5.0 and I've tested Client Authentication option. I suggest to Ralf S. Engelschall to add the

RSA -> DSA, 3DES -> IDEA, MD5 -> SHA1

1999-09-29 Thread Fabrizio Pivari
Hi, I've read the FAQ and I was able to test SSL and Client- Authentication The documentation is very well and explain like to generate all the certificates with RSA, 3DES, MD5 Is it possible to use DSA, IDEA, SHA1 ? Could you explain me the command I need to use? Thanks Fabrizio __

Chain of CA

1999-09-29 Thread Fabrizio Pivari
Is it possible to generate a chain of CA? e.g. sign the server key with the CA of a company signed by another CA If the answer is yes how can I generate it? Thanks Fabrizio __ Get Your Private, Free Email at http://www.hotmail.com __

HTTPS with Client Authentication -> HTTP

1999-10-07 Thread Fabrizio Pivari
Hi, I've tested HTTPS with Client Authentication and it works good to me. After the initial Client Authentication with HTTPS I'd like to pass all on HTTP (more speedy) preserving the user access. Is it possible? Can you suggest me how I can configure this? Ciao Fabrizio __