It's actually not only that it is self-signed. The extension:
X509v3 Basic Constraints:
CA:TRUE
Should not be TRUE, it should be FALSE. Only CAs have this set as TRUE
(just as it says). Apache obviously does not like this either since this
occurs in the log:
-
[Mon D
On Tue, Dec 09, 2003 at 03:53:54PM -0700, Leon wrote:
> Apparently the problem is obscure enough that It's been suggested that thes
> erver certificate be posted. Since I will be recreating tit afterwards
> anyway, that isn't a problem.
>
> [EMAIL PROTECTED] ssl.crt]# openssl x509 -noout -text
On Dec 9, 2003, at 12:25 PM, Leon wrote:
At 11:28 AM 12/9/03, you wrote:
Here, the problem is in the Certificate, the Linux hostname is not
the same
that you gave in the certificate ...
I mean in the Common Name field It must be the Linux hostname ...
so how does that work? I want to use an al
Apparently the problem is obscure enough that It's been suggested that thes
erver certificate be posted. Since I will be recreating tit afterwards
anyway, that isn't a problem.
[EMAIL PROTECTED] ssl.crt]# openssl x509 -noout -text -in server.crt
Certificate:
Data:
Version: 3 (0x2)
On Tue, Dec 09, 2003 at 12:28:47PM -0600, Jose Hernandez wrote:
> Here, the problem is in the Certificate, the Linux hostname is not the same
> that you gave in the certificate ...
>
> I mean in the Common Name field It must be the Linux hostname ...
website name as fetched from server cert CN sh
At 11:28 AM 12/9/03, you wrote:
Here, the problem is in the Certificate, the Linux hostname is not the same
that you gave in the certificate ...
I mean in the Common Name field It must be the Linux hostname ...
so how does that work? I want to use an alias (rt.domainname.com) for the
SSL site rat
Here, the problem is in the Certificate, the Linux hostname is not the same
that you gave in the certificate ...
I mean in the Common Name field It must be the Linux hostname ...
-Original Message-
From: Leon [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 12:20 p.m.
To: [EMAIL
