[TriLUG] it's late.. ssl question

Greg Brown gregbrown at mindspring.com
Sun Oct 10 22:52:34 EDT 2004


This appears to be a firefox issue.  There is a fix for firefox browser 
clients to trust self-signed keys.  I haven't found it yet but when I 
do I'll post the configuration change.

Greg



On Oct 10, 2004, at 10:43 PM, Greg Brown wrote:

> I must be looking over something very obvious.  I reinstalled my 
> server OS, CentOS in this case, and installed http via yum.  I also 
> installed openssl and created a key using the following command:
>
> openssl req -new -x509 -extensions v3_ca -keyout \
> private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf
>
> I then installed mod_ssl from yum which perviously, after the first 
> two steps, would allow me to use https encryption.  For some reason I 
> now get an error when I try to access my web server via https.  The 
> error is:
>
> "You have received an invalid certificate. Please contact the server
> administrator or email correspondent and give them the following 
> information:
>
> Your certificate contains the same serial number as another certificate
> issued by the certificate authority. Please get a new certificate 
> containing
> a unique serial number."
>
> I'm fairly tired so I think I'm missing something really basic.  All 
> I'm doing is using a self-signed key.  The browser (safari, firefox) 
> should use this certificate but warn the user that it's self-signed.
>
> Where am I going wrong?
>
> Greg
>
> -- 
> TriLUG mailing list        : 
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>




More information about the TriLUG mailing list