Now that the CA's certificate is installed, you should be able to connect from the client Web browser.
Note: These steps are applicable if you are using Internet Explorer (version 9); steps required for other versions of Internet Explorer
or other browsers may differ.
- Try to connect again. In the Web browser, enter
https://localhost:9443.
- Read the security alert again. This time it shows only one problem, which is that the name in the certificate doesn't match
the URL you tried to connect to. This is a warning that the certificate might not have come from the desired Web site, but
from another Web site masquerading as it.
Note: Most modern browsers require Subject Alternative Names which DemoCA does not currently support. Even if you browse to the
CN of the certificate (for example,
https://machine-name:9443) which you can get by running
openssl x509 -in srvcert.pem -text -noout, you will still see a warning.
- Since this is in fact the desired Web site, click
Continue to this website (not recommended) .
The connection is made, and HTTPS Echo sends a page with identification details to your browser, confirming that the connection
has been made successfully. It is normal for most of the strings to be empty, as shown.