Full_Name: Claude Gross Version: 2.4.9 OS: Linux 2.2.12-20smp i386 (redhat 6.1) Submission from: noyer.grenoble.urec.cnrs.fr (195.220.197.22) Server: Apache/1.3.9 (Unix) mod_ssl/2.4.9 OpenSSL/0.9.4 I want to use certificate delivered by my own CA. I have done the following : - openssl genrsa -out server.key - openssl req -new -key server.key -out cert.pem - openssl ca -out server.crt -in cert.pem I moved the server.key file in conf/ssl.key and server.crt file in conf/ssl.crt Theses directory are specified in my apache httpd.conf file : SSLCertificateFile conf/ssl.crt/server.crt SSLCertificateKeyFile conf/ssl.key/server.key SSLCACertificatePath conf/ssl.crt SSLCACertificateFile conf/ssl.crt/ca-bundle.crt I have imported my CA certificate in my browser (Netscape 4.6) When I try to connect to my server, my browser says : "The certificate is not approved for the attempted application" and in my error log file : [Wed Dec 8 17:27:39 1999] [error] mod_ssl: SSL handshake failed (server kaki.grenoble.urec.cnrs.fr:443, client 195.220.197.22) (OpenSSL library error follows) [Wed Dec 8 17:27:39 1999] [error] OpenSSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject CN in certificate not server name or identical to CA!?] With my configuration, if I create a self-signed certificate, all work well. Where is the problem? Can you help me? Thank you ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]