The error from Apache is:
Certificate Verification: Error (34): unhandled critical extension
This is not a WebID error -- the certificate was self-signed with
extensions set 'Critical'. Resign with all extensions set 'Not
Critical'.
--
Joe Presbrey
On Wed, Apr 13, 2011 at 5:01 PM, Nathan <nathan@webr3.org> wrote:
> Joerg Anders wrote:
>>
>> On Wed, 13 Apr 2011, Joe Presbrey wrote:
>>
>>>
>>> data.fm works with my WebID at http://presbrey.mit.edu/foaf#presbrey
>>>
>>
>> Hmm, I get ssl_error_certificate_unknown_alert
>>
>>> We openly welcome self-signed certs.
>>>
>>> I've just reconfirmed my cert with pubkey B2AB30... is self-signed.
>>>
>>> Would you mind sharing your WebID URL and X509 certificate?
>>>
>>
>> You can test it with: http://foaf.me/Hans#me
>>
>> The PKCS12 File is at
>>
>> http://vsr.informatik.tu-chemnitz.de/staff/jan/WEBID/webid.xhtml
>>
>> (ignore the German text, download only HannesElmert.p12)
>>
>> The password for importing into Firefox is
>>
>> HansElmert
>>
>> BTW: It works on https://bblfish.net:8443/test/WebId
>
> Joe, Joerg,
>
> If it helps any, I can confirm that the error isn't in the WebID
> implementation, it's apache sending back the error message, you can see it
> duplicated on: https://a.open.gs/ which does /not/ have any WebID
> implementation, it only has apache configured to request the certificate.
>
> Best,
>
> Nathan
>
>
