Vulnerability Development: x509 cert parsing in web browsers

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

x509 cert parsing in web browsers

From: "Administrator Serwera TEK-ART" <admin () tek-art com pl>
Date: Mon, 9 Sep 2002 02:07:43 +0200

-----Original Message-----
From: Administrator Serwera TEK-ART [mailto:admin () tek-art com pl]
Sent: Monday, September 09, 2002 12:31 AM
To: Michal Zalewski
Subject: RE: x509 cert parsing in web browsers

Well, it seems that I had the same problem.

Bad certificate error was produced by OpenSSL, and connection failed by
Netscape/Mozilla browser, while MSIE opened the secure pages correctly.

I have noticed, that some commercial servers based on commercial (e.g.
VeriSign) certificated are opened correctly by the browser. So it means,
that OpenSSL produces certificates ONLY MSIE compatible. Well, as far as I
think so :)

If you know, how I can produce an all-browser-compatible certificate using
my own CA and OpenSSL, I would be grateful for such an information.

SeeYa

By Date By Thread

Current thread:

x509 cert parsing in web browsers Michal Zalewski (Sep 08)
- <Possible follow-ups>
- x509 cert parsing in web browsers Administrator Serwera TEK-ART (Sep 08)
  - Re: x509 cert parsing in web browsers Fernando J. Pando (Sep 09)
- Re: x509 cert parsing in web browsers Peter Gutmann (Sep 08)
  - Re: x509 cert parsing in web browsers Valdis . Kletnieks (Sep 09)