Re: Apache http ssl certificate - export -- MIDRANGE-L

On Tue, Apr 28, 2020 at 1:36 PM Jay Vaughn <jeffersonvaughn@xxxxxxxxx>
wrote:

so i'm particular interested in this...

Verification error: self signed certificate in certificate chain

Doesn't sound good... I also recall postman reporting this also during my
testing... what does this mean?

It means ... you signed the server cert yourself. You made it up whole
cloth using DCM. It never was signed by a Certificate Authority (CA) whose
own cert is signed by an upstream CA, whose own cert ... up to some CA
whose cert already exists in the client's (e.g., Postman) trust store.

And why do you keep referring to the "private key"...
in an sftp ssh authentication, the server holds the private and you give
your public key out... you never give the private out.??
I have only mentioned public key... not private key.

I'm too lazy and stupid to explain the whole SSL key exchange thing, read
about it on the web, but I get nervous when someone talks about exporting
the key from their cert :) That's one way you get man-in-the-middle'd.

No key is needed for a client to use the server cert. Just the publicly
presented cert. Which is what openssl is seeing.

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.