Testing SSLv3 Authentication

Excuse me,
I have installed mod_ssl.
I must authenticate known clients based on certificate and **I need to
test this feature.
I have installed a self-signed crt using something like

# require a client certificate which has to be directly
# signed by our CA certificate in ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile conf/ssl.crt/ca.crt

How can I build the client certificate to install on the browser?
Can I build a second client.crt and then sign it with the ca.crt?

I have signed the client.crt with

openssl x509 -req -days 365 -in client.csr -signkey ca.private.key -out client.crt

Is it right? Or must I use the CA.pl script ?

Thank you

--
// Giovanni Giorgi First, they ignore you, then they laugh at you,
// then they fight you. Then you win
// Sol-Tec s.r.l. Mahatma Ghandi


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Testing SSLv3 Authentication

> How can I build the client certificate to install on the browser?
> Can I build a second client.crt and then sign it with the ca.crt?

Take a look at www.thwate.com under personal certificates - they are free!!!

--
Institut für Seeverkehrswirtschaft und Logistik http://www.isl.org/
Dipl.-Inform. Kai Hofmann mailto:hofmann@isl.org
Universitaetsallee GW1 Block A phone:+49 421 22096-83
D-28359 Bremen fax:+49 421 22096-55
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org