CA.self

To: apache-ssl@lists.aldigital.co.uk
Subject: CA.self
From: lqing <lqing@scsti.ac.cn>
Date: Thu, 03 Sep 1998 10:35:42 +0800
Delivered-To: mailing list apache-ssl@lists.aldigital.co.uk
Mailing-List: contact apache-ssl-help@lists.aldigital.co.uk; run by ezmlm
Organization: http://www.apache-ssl.org
References: <35EB0C03.616AF7C2@netvision.com.br> <35EB1EA3.58CFC0A4@algroup.co.uk>
Reply-To: apache-ssl@lists.aldigital.co.uk

hi....

	I have a question? 
	Now i use ssleay to make a self-sign CA and install it in my server and
load it into my netscape navigator, and i make a client ceitificate to
install it in my navigator,and i changed to httpd.conf like this:

	SSLCACertificatePath /usr/local/ssl/newcerts 
	SSLCertificateFile  /usr/local/ssl/private/CA.cert  
	SSLCertificateKeyFile /usr/local/ssl/private/CA.key
	SSLVerifyClient 2

all clients certificate in dir: /usr/local/ssl/newcerts and CA.cert &
CA.key is ok,now i connect to my server,it give me a error:

	Verification of the selected certificate failed for the 	following
reasons:

	168.160.75.92's scsti.com ID
           Not certified for E-Mail
	lqing@scsti.ac.cn[Certificate Authority]
           Not a valid Certificate Authority
           Certificate not trusted

why? how to make a CA can build client certificate and verificate
itself?

References:
- SSL Close Connection
  - From: Andre Luiz dos Santos <andre@netvision.com.br>
- Re: [apache-ssl] SSL Close Connection
  - From: Ben Laurie <ben@algroup.co.uk>

Prev by Date: Re: [apache-ssl] Connection Refused
Next by Date: Re: [apache-ssl] CA.self
Prev by thread: Re: [apache-ssl] SSL Close Connection
Next by thread: Any thoughts on mod_ssl?
Index(es):
- Date
- Thread