This is a discussion on self-signed wild card certs and mozilla - modssl ; I would like to make a self-signed wild card cert and install the cert in my browser so that I don't get any scary warnings from the browser. I created a self-signed wild card cert as follows: # openssl req ...
I would like to make a self-signed wild card cert and install the cert
in my browser so that I don't get any scary warnings from the browser.
I created a self-signed wild card cert as follows:
# openssl req -new -x509 -nodes -out networkguild.org.crt -keyout
networkguild.org.key -days 1826 -subj "/C=US/ST=MD/O=Network
I then extracted the der form and stored it in a second .crt file:
openssl x509 -inform PEM -outform DER -in networkguild.org.crt -out
I then simply pointed Mozilla at this file which is here:
Mozilla dutifully offers to install the certificate without complaint.
Unfortunately, when I access https://www.networkguild.org, it
complains with the following error:
Website Certified by an Unknown Authority
Although it does give me the choice of accepting forever, but I
shouldn't have to do this. When I click to accept here, I then get
the next scary message:
You have attempted to establish a connection with
"networkguild.org". However, the security certificate presented
belongs to "*.networkguild.org". It is possible, though unlikely, that
someone may be trying to intercept your communications with this
However, and this was totally unexpected, IE doesn't complain at all.
It found the certificate that I installed using Mozilla.
Did I create my self-signed wild card cert properly? I must have done
something partially correct for IE to accept it without warnings or
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager email@example.com