"Emre A. Binisik" wrote:
>
> I've have problem with apache with mod_ssl:
>
> The server contributed to openssl accepts
> my certifikat that is signed with SHA1 RSA.
>
> Using Apache 1.3.12 with mod_ssl
> my client certificate is not accepted
> with the comment wrong Messagest digest
> in client certificate.
>
Hmmm... it should tolerate that. It normally uses SHA1WithRSAEncryption
which is a different OID. Maybe it is using SSL_library_init() instead
of OpenSSL_add_all_algorithms(). The latter includes more obsolete OIDs.
You can try changing that or adding an alias in openssl\ssl\ssl_algs.c,
add the line :
EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
after the other SHA1 stuff.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
