Hi, Platform: hpux-11, Apache-1.3.6, OpenSSL-0.9.3a, modssl-2.3.11 I'm trying to use Netscape CMS (cert management system) to generate some user certs for SSL authentication. I've updated ca-bundled.crt with my CA detailes. My CA key is 2048. My apache works fine in SSL mode if client cert is anything but from my own CA (Netscape CMS-4.1). The error is: [28/Sep/1999 11:21:12] [error] Certificate Verification: Error (7): certificate signature failure [28/Sep/1999 11:21:12] [error] SSL handshake failed (client 199.41.203.32, server deneb.systems.dhl.com:443) (OpenSSL library error follows) [28/Sep/1999 11:21:12] [error] OpenSSL: error:1E065406:RSAref routines:RSAREF_BN2BIN:len [28/Sep/1999 11:21:12] [error] OpenSSL: error:0D079006:asn1 encoding routines:ASN1_verify:bad get asn1 object call [28/Sep/1999 11:21:12] [error] OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Is my CA's signature wrong in ca-bundled.crt? or too long? or incompatible? Thanks -- Veselin ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
