self signed certificate

self signed certificate

am 05.08.2002 17:29:10 von Peter Choe

i am trying to create a self signed certificate on my server for apache
webserver. i am using mod_ssl-2.8.9.

when i run the sign.sh script to sign the server certificate i generated, i
get the following errors:

Write out database with 1 new entries
Data Base Updated
CA verifying: server.crt <-> CA cert
server.crt: /C=US/ST=New York/L=New York/O=foo/OU=BCTC/CN=foobar.com
error 18 at 0 depth lookup:self signed certificate
/C=US/ST=New York/L=New York/O=foo/OU=bar/CN=foobar.com
error 7 at 0 depth lookup:certificate signature failure

the script creates a server.crt file, but when i try to access an https
page, i get a page cannot be displayed message.

anybody know how i can fix this?

Peter Choe

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: self signed certificate

am 13.03.2003 14:32:00 von Alex Kuehne

> -----Original Message-----
> From: Jan Staschulat [mailto:jans@ida.ing.tu-bs.de]
> Sent: Thursday, March 13, 2003 2:12 PM
> To: modssl-users@modssl.org
> Subject: self signed certificate
>
>
> Hi, I have problems creating a self signed certificate.
> I'm using OpenSSL 0.9.7a on SunOS 5.7 sparc SUNW,Ultra-2
> I went through the description of FAQ-page:
> http://www.corserv.com/freebsd/apache-ssl-howto.html
>
> OpenSSL quits with the error when I want to sign the server.csr:
>
> $> openssl ca -config ca.config -out server.crt -infiles server.csr
> ...
> Sign the certificate? [y/n]:y
> failed to update database
> TXT_DB error number 2
>
> I searched on google and found the same question on the modssl-users
> mailing list (Dez 2002) , which is still unanswered:
>
> http://www.mail-archive.com/modssl-users@modssl.org/msg15877 .html

Hello,

don't mess with openssl. Please refer to

http://www.modssl.org/docs/2.8/ssl_faq.html#ToC29.

There is a script sign.sh in the contrib dir of modssl source package.

Best regards
Alex Kuehne


--
Network Manager, SAG, Berlin, Germany

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org