[Mono-bugs] [Bug 76279][Nor] Changed - CERT_E_CHAINING problem for
server certificate
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Mon Oct 3 10:01:26 EDT 2005
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by yngve.zackrisson at mobila-kontoret.se.
http://bugzilla.ximian.com/show_bug.cgi?id=76279
--- shadow/76279 2005-10-03 09:34:09.000000000 -0400
+++ shadow/76279.tmp.3291 2005-10-03 10:01:26.000000000 -0400
@@ -211,6 +211,40 @@
* Is there any reason why you want to have two separate roots for
issuing SSL server certificates and SSL client certificates ? This
seems only more work (in particular for client configuration) and
doesn't help security (as your system will fail if either root is
compromised).
+
+------- Additional Comments From yngve.zackrisson at mobila-kontoret.se 2005-10-03 10:01 -------
+Hi.
+
+I have simplyfied the procedure for creating the certificates,
+and will attach a tar file for the sslcert17 certificate directory.
+I have taken Your comments in consideration when creating the certs.
+I now have only one root CA 'cacert17'.
+I use 2 configuration files for the creation to allow
+the 'usr_cert' section to be different between the client
+and server certs. Everything else should be equal
+in the configuration files.
+
+The changed procedure and config files is in the 'docs' directory.
+
+The logg of the server run is in:
+'mssslserver2-run-with-server17-cert-p12-20051003.txt'.
+
+The logg of the client run is in:
+'Win32SslHttpClient-client17-cert-p12-20051003.txt'.
+
+I still get the error
+V5
+ error #-2146762486
+V9
+during the server run.
+
+Do You mean that this error message should not be shown if
+I have created the certs (cacert16.cer, server16-cert.p12 and
+client16-cert.p12) with makecert instead?.
+
+Could it have anything to do with the Org.Mentalis.Security.dll?.
+
+
More information about the mono-bugs
mailing list