This is a discussion on RE: Errors with firefox - modssl ; --==_Exmh_1138031040_565P Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable and with explorer too. Hello out there, Ming.Yu=40jhuapl.edu said: > had exactly the same problem when I compile my new Apache server (2.2.= 0) > with mod_ssl. =A0To be short, I think you are ...
Content-Type: text/plain; charset=iso-8859-1
and with explorer too.
Hello out there,
> had exactly the same problem when I compile my new Apache server (2.2.=
> with mod_ssl. =A0To be short, I think you are using the packaged OpenSS=
> fixed the problem by re-compiling the OpenSSL on the system with shared=
> option, but first remove the pre-installed OpenSSL package.=20
I've got the same problem. I compiled openssl-0.9.8a with Sun Forte Studi=
doesn't matter, problem remains.
For the record. Created our own root-CA, signed it by himself,
Created server-certificate and signed it by the just created root-CA.
Loaded the root-CA into firefox/explorer and configured apache with the=20
server-certificate without errors.
firefox and explorer complain with unknown error, when initiated https-re=
On command-line, I've verified the certificate with
openssl verify -issuer_checks -CApath /var/opt/openssl /etc/opt/apache2/s=
which results in
error 29 at 0 depth lookup:subject issuer mismatch
That seems the main problem.
Perhaps the creation of our root-CA/server-cert=20
process isn't correct. Or 0.9.8a isn't as tolerant as 0.9.7.
(we followed the same procedure, as with 0.9.7 a year ago.) So it's an=20
The web suggestes, that organisation-name of certificate and root-CA shou=
different in each/all parts of the name. But I'm a little bit unwilling t=
accept this argument, because it's unresonable to me. One difference shou=
sufficient. That the case in our process.
Thanks for commenting
=22Sure, vi is user friendly.
It's just particular about who it makes friends with.=22 ;-)=20
Klaus Elsbernd; System Administrator, BOFH =7C elsbernd=40dfki.uni=
Deutsches Forschungsz. f=FCr K=FCnstliche Intelligenz =7C DFKI GmbH, Geb.=
67657 Kaiserslautern; Germany Fernruf: 0631/205-3486 Fernbild: -3=
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (SunOS)
Comment: Exmh version 2.7.2 01/07/2005
-----END PGP SIGNATURE-----
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List email@example.com
Automated List Manager firstname.lastname@example.org