lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV SSL on Lynx 2.7.1 (Linux)

From: Laura Eaves
Subject: Re: LYNX-DEV SSL on Lynx 2.7.1 (Linux)
Date: Thu, 10 Jul 1997 20:02:25 -0400 (EDT) 
> Date: Thu, 3 Jul 1997 18:34:45 -0700 (PDT)
> From: Doug Kaufman <address@hidden>
>...
> On Thu, 3 Jul 1997, Nicholl Environmental wrote:
>
> > 5. <em>Whew!</em> 
> > 
> > Using either eassl (port 5010) or edssl (port 4443), I get the same error
> > message when I attempt to access a secure site; here's an example:
> > 
> > Jul  2 01:50:23 127.0.0.1:7554 127.0.0.1:4443 10.0.2.15:7613
> > 198.95.249.88:443 /C=US/SP=California/L=Mountain
> > View/O=Netscape Communications Corporation/OU=SSL v3.0 Test
> > Server/CN=ssl3.netscape.com SSL connection: -1 error:1408806E:SSL
> > routines:SSL_SET_CERTIFICATE:certificate verify failed
> > 
> > After scouring the documentation in SSLeay, I'm still at a loss.  Did I
> > miss a step?  Thanks in advance,
> > 
> > Nick Nicholl
> > <address@hidden>
>
> This sounds as if you don't have your own certificate done correctly.  I
> just tried the site "https://ssl3.netscape.com/"; and got a confirmation.
> I am using a self-signed certificate.  I would try again, following the
> instructions at "http://paradigm.webvision.com/developers/casetup.html"; .
> If you still have trouble, tell us step-by-step how you made your
> certificate. One potential problem is your "Common Name".  Make sure to
> use "*.att.net".
>
> Good luck.

I tried eassl a while back and never was able to get it to work
unless I turned off all the cert verify stuff -- i.e., returned 1
regardless of the cert string.
Then I was able to connect to https sites with no problem.

Anyway, since I don't understand exactly what eassl / edssl are trying to do
in the first place, i deleted all that and am just using Tom's "super simple"
lxprox.c.  It hasn't failed yet.
(I never got Fote's stuff to work either.)

I don't see why it is necessary to have your own cert (or whatever it's called)
in order to connect to an https/snews site.  (And I don't like running
something unless I have at least an inkling of what it's doing.)
All I wanted to do was place orders online at my favorite shopping sites,
which are all switching to secure transactions.
Are there sites that actually require a user to supply a cert?
If so, how do they know which certs are valid?
--le

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]