Hi list, I'm having problems with my openssl certificate used with apache2. I've followed the tutorial on apache.org to create a certificate and sign it afterwards. This step-by-step guide can be found here: http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html.en#realcert
The first problem occurs when following the next step to sign the certificate( http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html#ownca ) Typing ./sign.sh server.csr I get the following output: CA signing: server.csr -> server.crt: Using configuration from ca.config Enter PEM pass phrase: Check that the request matches the signature Signature ok The Subjects Distinguished Name is as follows countryName :PRINTABLE:'DE' stateOrProvinceName :PRINTABLE:'Germany' localityName :PRINTABLE:'xxxxxxxx' organizationName :PRINTABLE:'xxxxxxxxx' commonName :PRINTABLE:'xxxxxxxxxxxxxx' emailAddress :IA5STRING:'xxxxxxxxx' ERROR:There is already a certificate for /C=DE/ST=Germany/L=xxxxxxxx/O=xxxxxxxx/CN=xxxxxxxxxxxx/Email=xxxxxxxxxxxxx The matching entry has the following details Type :Valid Expires on :051129093250Z Serial Number :01 File name :unknown Subject Name :/C=DE/ST=xxxxxxxxxxx/L=xxxxxxxx/O=xxxxxxxxxxxxxx/CN=xxxxxxxxxxxx/Email=xxxxxxxxx CA verifying: server.crt <-> CA cert server.crt: unable to load certificate file 9007:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:662:Expecting: CERTIFICATE If I use this certificate, it works fine with Konqueror(shown certificate information are fine) and the subversion command line client, but neither Firefox nor Internet Explorer can connect. Firefox says: "Could not establish an encrypted connection because certificate is invalid or corrupted. Error Code: -8182" There are no error messags in apache's error.log I already re-created the certificate and signed it, but it didn't help. Any of you guys an idea what could be wrong? Thanks a ton in advance, Michael ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
