I am using Netscape 4.05-en for client and I have the same result as I am using your routinge for generation of the certification. Is it possible, that Netscape Version 3.x is using a different "keygen" structure as it is noticed in SSLEAY directory DOC file ns-ca??? or something else?. If I will have the chance to get the error message, I will send it to you. Thanx in advance Thomas Stolzenberger -----Original Message----- From: Yutaka Sato =?ISO-2022-JP?B?GyRAOjRGI0stGyhK?= [SMTP:ysato@etl.go.jp] Sent: Saturday, August 08, 1998 11:13 PM To: delegate-en@smtpgate.etl.go.jp Cc: pcaaabdyi-5bnwhwgjselr.ml@ml.delegate.org Subject: Re: [DeleGate-En] sslway accept failed In message <_A17@delegate-en.ML_> on 08/08/98(16:25:04) I wrote: | |On the command line of the PROXY/HTTP host the following message appears | |if the https connection is done and I have | |entered my PASSPHRASE for sslway: | | | | accept failed. ... |I saw someone in the delegate@etl.go.jp mailing list said that |the key-length should be 512 bits which is originally 1024 bits |by default. ... |http://wall.etl.go.jp/mail-lists/archive/delegate/6712 Following the article in above URL (from Mr. Ueno) I created my own certification and key as follows (without editing ssleay.cnf): ssleay req \ -new \ -newkey rsa:512 \ -nodes \ -days 365 \ -x509 \ -out server-cert.pem \ -keyout server-key.pem Then used it with DeleGate as follows: delegated -P8080 -v \ SERVER=https \ FCL="sslway -ac" \ MOUNT="/* http://etlfs/*" \ REMITTABLE=http >From Netscape Navigator Gold 3.0.1, I can connect the server without problem (after interactive acception of the certificate, but without any interactive entry of pass phrase for SSLway). The log of DeleGate + SSLway around acception is as follows: 08/08 21:11:11.25 [6379] 12+0: -- Fork(FCL): 6378 -> 6379 08/08 21:11:11.25 [6379] 12+0: #### execFilter[FCL] sslway -ac ## SSLway[6380](192.31.200.115) start ## SSLway[6380](192.31.200.115) accepted ## SSLway[6380](192.31.200.115) client's cert. = NONE Cheers, Yutaka -- Yutaka Sato <ysato@etl.go.jp> http://www.etl.go.jp/~ysato/ @ @ Computer Science Division, Electrotechnical Laboratory ( - ) 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan _< >_ CMG PECOM GmbH Thomas Stolzenberger Nockherstr. 2-4 81541 Mnchen Tel: ++ 49 89 651120 Fax: ++ 49 00 0000000X