> problems with my netscape here in austria (maybe because it is an export
> version).
For sure!
> When i view the certificate in the browser, it tells me, that the
> certificate is using an only 512-bit RSA public key. Can this be
> correct? When i generated the certificate it said: "Generating a 1024
> bit RSA key...".
The 1024 Bit Key signs a temporary 512 Bit key, which is used for
some connections. This is because of export restrictions (you have been
told by others).
BTW How often a new one is generated? (Just no time to check the sources)
> And what is the meaning of the define SSL_EXP in the file ssl_locl.h
> from SSLeay??? Is there any use in setting it to SSL_NOT_EXP?
This means what Netscape describes as "export grade ciphers". You
can compile SSlea ywithout these export ciphers (you can even
specify SSLBannCiphers...) but then both browser and server don't
have a common cipher to share anymore (and you can't connect)
--
read you later - Holger Reif
------------------------------------ Signaturprojekt Deutsche Einheit
TU Ilmenau - Informatik - Telematik (Verdamp lang her)
Reif@PrakInf.TU-Ilmenau.DE Alt wie ein Baum werden, um ueber
Remus.PrakInf.TU-Ilmenau.DE/Reif/ alle 7 Bruecken gehen zu koennen