Hi, I've just ran into the exact same problem. There's a quick solution to this that I had to run before the import.
# openssl x509 -in cacert.pem -out cacert.crt You can see this solution on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x120.html Regards - Steve Harris Neff Robert A wrote: >Steve, >Actually, you will be further ahead using your self-signed certificate >and private key to sign additional certificates that you create using >OpenSSL for your servers. Then, simply import that self-signed CA >certificate that corresponds to the private key you used to sign the >server certificate with into your and your clients' browsers. >For Internet Explore do: >Tools/Internet Options/Content/Certificates/Trusted Root Certification >Authorities >and then click on the import button to import your public CA cert. >Your browser will now trust all sites (servers) containing certificates >signed by your self-signed CA cert. >HTH, >Rob > >-----Original Message----- >From: Steve [mailto:[EMAIL PROTECTED]] >Sent: Thursday, April 11, 2002 3:59 PM >To: [EMAIL PROTECTED] >Subject: Trust > > >Hi All > >I've created a server certificate and configured Apache with mod_ssl and >eveything seems to work well. >However, as it's a self-sogned certificate, the browser insists on popping >up a warning to the user each time they visit the site - even if they've >installed the certificate (in IE it will only install in the "personal" >list not the "Trusted Root CA" list even though it says it was successfully >imported. > >What do users (or I) need to do to make sure that they don't get the >warning pop-up each visit to the site (assuming, of course, that they want >to trust my certificate)? > >Thanks > >Steve > > >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] >***************************************************************** >DISCLAIMER: The information contained in this e-mail may be confidential >and is intended solely for the use of the named addressee. Access, copying >or re-use of the e-mail or any information contained therein by any other >person is not authorized. If you are not the intended recipient please >notify us immediately by returning the e-mail to the originator. >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
