[TriLUG] it's late.. ssl question
Greg Brown
gregbrown at mindspring.com
Sun Oct 10 22:52:34 EDT 2004
This appears to be a firefox issue. There is a fix for firefox browser
clients to trust self-signed keys. I haven't found it yet but when I
do I'll post the configuration change.
Greg
On Oct 10, 2004, at 10:43 PM, Greg Brown wrote:
> I must be looking over something very obvious. I reinstalled my
> server OS, CentOS in this case, and installed http via yum. I also
> installed openssl and created a key using the following command:
>
> openssl req -new -x509 -extensions v3_ca -keyout \
> private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf
>
> I then installed mod_ssl from yum which perviously, after the first
> two steps, would allow me to use https encryption. For some reason I
> now get an error when I try to access my web server via https. The
> error is:
>
> "You have received an invalid certificate. Please contact the server
> administrator or email correspondent and give them the following
> information:
>
> Your certificate contains the same serial number as another certificate
> issued by the certificate authority. Please get a new certificate
> containing
> a unique serial number."
>
> I'm fairly tired so I think I'm missing something really basic. All
> I'm doing is using a self-signed key. The browser (safari, firefox)
> should use this certificate but warn the user that it's self-signed.
>
> Where am I going wrong?
>
> Greg
>
> --
> TriLUG mailing list :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
>
More information about the TriLUG
mailing list