New SSL certificate with 2048 bit shows error: (Fehlercode: sec_error_unknown_issuer)

[Maddy07]

The encryption software need a source of random data. Many operating systems offer a free "device entropy source" that provides this service (it is usually called / dev / random). On other systems, applications must manually start the generator Pseudo-Random Numbers in OpenSSL (Pseudo-Random Number Generator PRNG) using appropriate data before generating keys or performing public key encryption . But my new SSL certificate with 2048 bit shows error: (Fehlercode: sec_error_unknown_issuer). I am using firefox browser. Please help.

[Jackson2]

Errors such as ``mod_ssl: Child "could not open lockfile SSLMutex / opt/apache/logs/ssl_mutex.18332 (with system error follows) [...] System: Permission denied (errno: 13)''are often caused by overly restrictive permissions on the directories parents. Make sure that all parent directories (here / opt, / opt / apache and / opt / apache / logs) have the x bit set, at least for the UID under which Apache child processes are running.

[Techno01]

Well not really, because three researchers at the University of Michigan have succeeded in breaking the RSA 1024-bit, simply by changing the voltage of the processor in a server (via a power supply tampered with). This voltage change causes slight errors in CPU clock cycles, allowing OpenSSL error for each bit in the multiplication operations, reveal four bits of the secret key and private.

[Trio]

The malformed messages (about 8800), just a small cluster of 81 Pentium 4, simmer a big hundred hours and BING, without a trace and without damaging the computer, the 1024 OpenSSL bit (on a SPARC-based architecture) have disintegrated. This technique may seem to apply it to other encryption libraries. Researchers planchent now on a similar technique to replace the power supply modified by a laser or radiation source whatsoever (just to make it without touching the hardware of the machine).

[deveritt]

You need to create a PKI ( Public Key Infrastructure ) or PKI (Public Key Infrastructure) in English with its own Certificate Authority ( CA) . Create certificates ( self - signed ) for websites mod_ssl for postfix. I include in this tutorial as a way to create different SSL certificates for different VirtualHosts . After creating the CA , it must now generate a certificate for Apache2 .

[Techguru01]

The https is good but it must also have utility , as we all go through external payment systems are secure, what is the point of having a https site? Perhaps the files checkout - shipping , payment , confirmations etc. for those who do not know much about the web . Besides, I wonder how would it be possible to fix only for those files and then how a https to make the transition to the payment server. I must confess that I have doubts about the usefulness and the advisability such an offer.