Newbie questions update ....

[Steve Ankeny]

Here's what I did .... Command Usage openssl genrsa -des3 -out ca.key 1024 Created key for my own CA Remained in /etc/ssl openssl req -new -x509 -days 3650 -key ca.key -out ca.crt Created the CA certificate Also remained in /etc/ssl openssl genrsa -des3 -out server.key 1024 Created server key Placed in /etc/apache2/ssl.key mv server.key server.key.secure Created a back up for the key openssl rsa -in server.key.secure -out server.key Encoded key so not required at boot openssl req -new -days 3650 -key server.key -out server.csr Created server signing request ./sign.sh server.csr Used script to 'sign' request Created server.crt Placed in /etc/apache2/ssl.crt openssl pkcs12 -export -in server.crt -inkey server.key -certfile server.crt -out server.p12 Exported to Windows format After importing into my browser and restarting the webserver, it failed to connect.  I am uncertain whether the export command is correct.  And, I am uncertain whether the CA is trusted. What am I doing wrong?  Can anyone help?  Thanks. I have followed the documentation found here .... http://www.modssl.org/docs/ http://www.modssl.org/docs/2.8/ssl_faq.html#ToC24 http://lamps.efactory.de/e-lamps-2-0.shtml#inst-apachessl ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]