| Hi, Can anyone here help me to fix the error below: I run instruction in README such make ca.pem make ca.der make server.pem make server.csr make client.pem and then copy ca.der, client.p12 then I install the certificate into Windows XP. When click the client certificate and it shows "Windows doesn't have enough information to verify this certificate" Server cert in Trusted Root Cert "This certificate has expired or is not yet valid. here the ca.cnf [ ca ] default_ca = CA_default [ CA_default ] dir = ./ certs = $dir crl_dir = $dir/crl database = $dir/index.txt new_certs_dir = $dir certificate = $dir/ca.pem serial = $dir/serial crl = $dir/crl.pem private_key = $dir/ca.key RANDFILE = $dir/.rand name_opt = ca_default cert_opt = ca_default default_days = 1095 default_crl_days = 365 default_md = md5 preserve = no policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ policy_anything ] countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional [ req ] prompt = no distinguished_name = certificate_authority default_bits = 2048 input_password = 123 output_password = 123 x509_extensions = v3_ca [certificate_authority] countryName = FR stateOrProvinceName = Radius localityName = Somewhere organizationName = Example Inc. emailAddress = admin@example.com commonName = "Certificate Authority" [v3_ca] subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always basicConstraints = CA:true The only thing I'd changed the ca.cnf, client.cnf, server.cnf were default_days and default_crl_days. |