Steve, Actually, you will be further ahead using your self-signed certificate and private key to sign additional certificates that you create using OpenSSL for your servers. Then, simply import that self-signed CA certificate that corresponds to the private key you used to sign the server certificate with into your and your clients' browsers. For Internet Explore do: Tools/Internet Options/Content/Certificates/Trusted Root Certification Authorities and then click on the import button to import your public CA cert. Your browser will now trust all sites (servers) containing certificates signed by your self-signed CA cert. HTH, Rob
-----Original Message----- From: Steve [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 11, 2002 3:59 PM To: [EMAIL PROTECTED] Subject: Trust Hi All I've created a server certificate and configured Apache with mod_ssl and eveything seems to work well. However, as it's a self-sogned certificate, the browser insists on popping up a warning to the user each time they visit the site - even if they've installed the certificate (in IE it will only install in the "personal" list not the "Trusted Root CA" list even though it says it was successfully imported. What do users (or I) need to do to make sure that they don't get the warning pop-up each visit to the site (assuming, of course, that they want to trust my certificate)? Thanks Steve ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ***************************************************************** DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
