Vulnerability Development mailing list archives

Re: x509 cert parsing in web browsers

From: "Fernando J. Pando" <fpando () nyc rr com>
Date: Sun, 08 Sep 2002 22:08:38 -0400





I am having the same issue with openssl.

i tried new openssl releases versions a-g but they all seem to fail on
netscape client for mac with
self-signed certs.

netscape 7.0 for mac was reported by my developers to be free of this ssl
mismatch issue.

does any one know of any server directives to fix this nescape issue?

-fjp





Administrator Serwera TEK-ART wrote:

-----Original Message-----
From: Administrator Serwera TEK-ART [mailto:admin () tek-art com pl]
Sent: Monday, September 09, 2002 12:31 AM
To: Michal Zalewski
Subject: RE: x509 cert parsing in web browsers

Well, it seems that I had the same problem.

Bad certificate error was produced by OpenSSL, and connection failed by
Netscape/Mozilla browser, while MSIE opened the secure pages correctly.

I have noticed, that some commercial servers based on commercial (e.g.
VeriSign) certificated are opened correctly by the browser. So it means,
that OpenSSL produces certificates ONLY MSIE compatible. Well, as far as I
think so :)

If you know, how I can produce an all-browser-compatible certificate using
my own CA and OpenSSL, I would be grateful for such an information.

SeeYa

Current thread:

x509 cert parsing in web browsers Michal Zalewski (Sep 08)
- <Possible follow-ups>
- x509 cert parsing in web browsers Administrator Serwera TEK-ART (Sep 08)
  - Re: x509 cert parsing in web browsers Fernando J. Pando (Sep 09)
- Re: x509 cert parsing in web browsers Peter Gutmann (Sep 08)
  - Re: x509 cert parsing in web browsers Valdis . Kletnieks (Sep 09)