Date: Thu, 18 May 2000 03:41:07 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Milon Papezik <milon.papezik@oskarmobil.cz> Cc: freebsd-hackers@freebsd.org, freebsd-ports@freebsd.org Subject: Re: ASN.1 parsing in OpenSSL (Apache+mod_ssl problem) Message-ID: <Pine.BSF.4.21.0005180336110.21857-100000@freefall.freebsd.org> In-Reply-To: <3923C0B0.E71C344D@oskarmobil.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 18 May 2000, Milon Papezik wrote:
> When I try to connect with Netscape 4.x or Exploder 5 to Apache over
> SSL I get the following errors in apache_ssl_engine.log:
I need to compare the contents of a working and non-working certificate -
my suspicion is that theres something off about the ASN.1 encoding of the
certificate that causes netscape to barf (IE will apparently still read it
fine, or it can at least for some people's certs).
Install the converters/dumpasn1 port, and run the following on your
certificate.pem file:
openssl asn1parse -in cert.pem -out cert.der
dumpasn1 cert.der > cert.out
and mail me cert.out. Do this for both certificates if you have a working
and non-working one.
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005180336110.21857-100000>