I would like to make a self-signed wild card cert and install the cert
in my browser so that I don't get any scary warnings from the browser.

I created a self-signed wild card cert as follows:

# openssl req -new -x509 -nodes -out networkguild.org.crt -keyout
networkguild.org.key -days 1826 -subj "/C=US/ST=MD/O=Network
Guild/CN=*.networkguild.org/emailAddress=mg-webmaster@networkguild.org/"

I then extracted the der form and stored it in a second .crt file:

openssl x509 -inform PEM -outform DER -in networkguild.org.crt -out
files/networkguild.org.crt

I then simply pointed Mozilla at this file which is here:
http://networkguild.org/sites/networ...kguild.org.crt

Mozilla dutifully offers to install the certificate without complaint.

Unfortunately, when I access https://www.networkguild.org, it
complains with the following error:
Website Certified by an Unknown Authority

Although it does give me the choice of accepting forever, but I
shouldn't have to do this. When I click to accept here, I then get
the next scary message:

You have attempted to establish a connection with
"networkguild.org". However, the security certificate presented
belongs to "*.networkguild.org". It is possible, though unlikely, that
someone may be trying to intercept your communications with this
web site.

However, and this was totally unexpected, IE doesn't complain at all.
It found the certificate that I installed using Mozilla.

Did I create my self-signed wild card cert properly? I must have done
something partially correct for IE to accept it without warnings or
errors.

Michael Grant
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org