ssl question

This is a multi-part message in MIME format.

------=_NextPart_000_008A_01C237D9.6C66C2E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I installed openSSL with mod_ssl, and I can access my site using =
https://blah.com and I get a popup box telling me about a security =
issue and if I want to accept this. When I have visited other sites that =
are secure, it dosent ask me to accept anything. In my certificate it =
says its not part of the CA trusted root stores. Any help would be =
appreciated.

------=_NextPart_000_008A_01C237D9.6C66C2E0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



charset=3Diso-8859-1">

RE: ssl question

This is a multi-part message in MIME format.

------_=_NextPart_001_01C2385C.4CE36340
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Mike,
=20
The reasoning behind that message is that you haven't purchased a =
certificate from a valid certificate store. The bought my companies at =
verisign.com.
=20
If you are not releasing this web app to the public you could simply =
install the certificate and you shouldn't get the message again.
=20
Good luck,
=20

Vincent Montuoro
Solution Engineer
Request
Level 12 461 Bourke Street
Melbourne Vic 3000
Email: vmontuoro@request.com.au
Office: +61 3 8628 2764
Mobile: 0408 005 979=20

=20

-----Original Message-----
From: Mike Boyer [mailto:bossdeez@hotmail.com]
Sent: Wednesday, 31 July 2002 4:57 AM
To: modssl-users@modssl.org
Subject: ssl question


I installed openSSL with mod_ssl, and I can access my site using =
https://blah.com and I get a popup box telling me about a security =
issue and if I want to accept this. When I have visited other sites that =
are secure, it dosent ask me to accept anything. In my certificate it =
says its not part of the CA trusted root stores. Any help would be =
appreciated.


------_=_NextPart_001_01C2385C.4CE36340
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



charset=3Diso-8859-1">

face=3DTahoma=20
size=3D2>-----Original Message-----
From: Mike Boyer=20
[mailto:bossdeez@hotmail.com]
Sent: Wednesday, 31 July 2002 =
4:57=20
AM
To: modssl-users@modssl.org
Subject: ssl=20
question

I installed openSSL with mod_ssl, and =
I can=20
access my site using href=3D"https://blah.com">https://blah.com  and=20
I get a popup box telling me about a security issue and if I want to =
accept=20
this. When I have visited other sites that are secure, it dosent ask =
me to=20
accept anything. In my certificate it says its not part of the CA =
trusted root=20
stores. Any help would be =
appreciated.

RE: ssl question

But I did a self-signed cert for testing purposes. Shouldn't that work?

--
Matt


At 04:34 PM 7/31/2002 +1000, you wrote:
>Mike,
>
>The reasoning behind that message is that you haven't purchased a
>certificate from a valid certificate store. The bought my companies at
>verisign.com.
>
>If you are not releasing this web app to the public you could simply
>install the certificate and you shouldn't get the message again.
>
>Good luck,
>
>Vincent Montuoro Solution Engineer Request Level 12 461 Bourke Street
>Melbourne Vic 3000 Email: vmontuoro@request.com.au Office: +61 3
>8628 2764 Mobile: 0408 005 979
>
>
>-----Original Message-----
>From: Mike Boyer [mailto:bossdeez@hotmail.com]
>Sent: Wednesday, 31 July 2002 4:57 AM
>To: modssl-users@modssl.org
>Subject: ssl question
>
>I installed openSSL with mod_ssl, and I can access my site using
>https://blah.com and I get a popup box telling me about
>a security issue and if I want to accept this. When I have visited other
>sites that are secure, it dosent ask me to accept anything. In my
>certificate it says its not part of the CA trusted root stores. Any help
>would be appreciated.

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: ssl question

No, because your browser does not have the signing authority in its list of
trusted / root CAs. There are three options, but really only two are
practical. The first would be to just import the certificate the first time
you see this pop up and you can do that by clicking on "View certificate"
when you get the pop up (I'm talking IE here). The second option would be to
purchase and use a cert from a CA which is in your browsers list of
trusted/root CA (someone like verisign). You can get the list by clicking on
Tools->Internet options->The content tab->Certificates button->Trusted Root
Certification Authorites tab. The third option would be to become a CA on
that list by paying MS big bucks and setting your own company to do it (not
what I would call viable :-).

-Noah

> -----Original Message-----
> From: Matt Nelson [mailto:matt@nelsonprinting.com]
> Sent: Wednesday, July 31, 2002 9:14 AM
> To: modssl-users@modssl.org
> Subject: RE: ssl question
>
> But I did a self-signed cert for testing purposes. Shouldn't that work?
>
> --
> Matt
>
>
> At 04:34 PM 7/31/2002 +1000, you wrote:
> >Mike,
> >
> >The reasoning behind that message is that you haven't purchased a
> >certificate from a valid certificate store. The bought my companies at
> >verisign.com.
> >
> >If you are not releasing this web app to the public you could simply
> >install the certificate and you shouldn't get the message again.
> >
> >Good luck,
> >
> >Vincent Montuoro Solution Engineer Request Level 12 461 Bourke Street
> >Melbourne Vic 3000 Email: vmontuoro@request.com.au Office: +61 3
> >8628 2764 Mobile: 0408 005 979
> >
> >
> >-----Original Message-----
> >From: Mike Boyer [mailto:bossdeez@hotmail.com]
> >Sent: Wednesday, 31 July 2002 4:57 AM
> >To: modssl-users@modssl.org
> >Subject: ssl question
> >
> >I installed openSSL with mod_ssl, and I can access my site using
> >https://blah.com and I get a popup box telling me
> about
> >a security issue and if I want to accept this. When I have visited other
> >sites that are secure, it dosent ask me to accept anything. In my
> >certificate it says its not part of the CA trusted root stores. Any help
> >would be appreciated.
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: ssl question

But I'm never even getting a response on the browser, httpd is never even
starting due to this error. I thought I had it corrected this morning, the
log kept complaining about not finding the cert, I worked with that for a
while, then came back to the same error. Frustrating, but I'm not giving
up just yet. I'd like someone to take a look at my httpd.conf and tell me
if I'm got something wrong there, or just what the problem can be. I've
tried to follow the docs as close as I can, but obviously I've missed
something.

--
Matt

At 09:23 AM 7/31/2002 -0400, you wrote:

>No, because your browser does not have the signing authority in its list of
>trusted / root CAs. There are three options, but really only two are
>practical. The first would be to just import the certificate the first time
>you see this pop up and you can do that by clicking on "View certificate"
>when you get the pop up (I'm talking IE here). The second option would be to
>purchase and use a cert from a CA which is in your browsers list of
>trusted/root CA (someone like verisign). You can get the list by clicking on
>Tools->Internet options->The content tab->Certificates button->Trusted Root
>Certification Authorites tab. The third option would be to become a CA on
>that list by paying MS big bucks and setting your own company to do it (not
>what I would call viable :-).
>
>-Noah
>
> > -----Original Message-----
> > From: Matt Nelson [mailto:matt@nelsonprinting.com]
> > Sent: Wednesday, July 31, 2002 9:14 AM
> > To: modssl-users@modssl.org
> > Subject: RE: ssl question
> >
> > But I did a self-signed cert for testing purposes. Shouldn't that work?
> >
> > --
> > Matt
> >
> >
> > At 04:34 PM 7/31/2002 +1000, you wrote:
> > >Mike,
> > >
> > >The reasoning behind that message is that you haven't purchased a
> > >certificate from a valid certificate store. The bought my companies at
> > >verisign.com.
> > >
> > >If you are not releasing this web app to the public you could simply
> > >install the certificate and you shouldn't get the message again.
> > >
> > >Good luck,
> > >
> > >Vincent Montuoro Solution Engineer Request Level 12 461 Bourke Street
> > >Melbourne Vic 3000 Email: vmontuoro@request.com.au Office: +61 3
> > >8628 2764 Mobile: 0408 005 979
> > >
> > >
> > >-----Original Message-----
> > >From: Mike Boyer [mailto:bossdeez@hotmail.com]
> > >Sent: Wednesday, 31 July 2002 4:57 AM
> > >To: modssl-users@modssl.org
> > >Subject: ssl question
> > >
> > >I installed openSSL with mod_ssl, and I can access my site using
> > >https://blah.com and I get a popup box telling me
> > about
> > >a security issue and if I want to accept this. When I have visited other
> > >sites that are secure, it dosent ask me to accept anything. In my
> > >certificate it says its not part of the CA trusted root stores. Any help
> > >would be appreciated.
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
>___________________________________________________________ ___________
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List modssl-users@modssl.org
>Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org