> 1)created CA using openssl > 2)Created CA cert. > 3)Created server cert signed by CA cert > 4)Imported trusted CA cert and server cert into SunOne Webserver 6.1 > instance. > 5)Enabled SSL communication in web server > 6)created pkcs 12 cert signed by above CA > 7)imported the cert in browser > 8)trying to test by SSL enabled website and getting error > http3068: Error receiving request from SEC_ERROR_UNKNOWN_ISSUER: Peer's > certificate is signed by an unknown issuer > The above error is showing up in the error log of web server instance. > Any idea will be appreciated. Thanks.
The error means exactly what it says. The web server got a certificate from a peer that is signed by an issuer the web server is not configured to trust to issue peer certificates. Possible fixes include: 1) Turn off peer authentication in the web server. 2) Configure the web server to trust whoever issued the peer certificate to issue peer certificates. 3) Configure the client to present a certificate to the web server that the web server is configured to trust. The correct fix depends upon why you are authenticating the client. If you don't know why you are doing it, the fix is probably '1', stop doing it. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
