websocketopensslssl-certificateself-signed

self-signed ssl certificate for websocket


I generated a self-signed SSL certificate for a local server test and I have some problems for using it. My aim is to test it with a websocket secured (wss) server.

The browsers are refusing the connection saying that the pair certificate has an invalid signature. Firefox return this error code: sec_error_bad_signature.

I generated the certificates and keys with the method described here (in french but you can only look at the openssl commands): http://www.siteduzero.com/informatique/tutoriels/securisation-d-un-chat-reseau-qt-avec-qsslsocket/ou-trouver-les-cles

Do you know how I can resolve this problem?


Solution

  • I believe the problem is caused by the 512 bit key size in your certificates. Microsoft released a security patch (KB2661254) that blocks RSA key lengths less than 1024 bits.

    Try creating your certificates with a 1024 bit or higher key length and see if the problem goes away.