I have produced certificates request, posted it towards the Microsoft Certificate Services program. It issues the certificate. I downloaded it to conf/ssl/server.cert
I set up it in apache to presenting
SSLCertificateFile conf/ssl/server.cert SSLCertificateKeyFile conf/ssl/server.key
After I start the server with this particular config I recieve
Secure Connection Unsuccessful A mistake happened throughout an association to 192.168.1.100.
Certificate type not approved for application. (Error code: sec_error_insufficient_cert_type) The page you are attempting to see cannot be proven since the authenticity from the received data couldn't be verified.
- Please contact the site proprietors to see them of the problem.
Basically download the CA Certificate and do the installation with
SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key SSLCACertificateFile conf/ssl/cacert.crt
The server does not start.
It really works fine basically produce a self signed certificate an do the installation, however i require it in the future from Microsoft Certificate Services therefore it will not warn internal customers concerning the certificate.
Seems like your cert is not permitted for use for any server. IIRC, you will see the certificate inside a browser and search for Usage or some such language, also it should say SSL Server (possibly amongst other things).
You have to make certain the released certificate has "Server Authentication" specified among the allowed uses within the extended key usage extension. The simplest method of doing this (and just way on Win2k3 Standard) is by using the net Server certificate template.
You should utilize the Certificate Services MMC snap-directly into add this certificate template towards the listing of individuals permitted, after which have to configure permissions therefore the appropriate user(s) can request certificates.