What does it mean when my connections fail with an “alert bad certificate” error?
[L] Usually when you see errors like “OpenSSL: error:14094412: SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate” in the SSL logfile, this means that the browser was unable to handle the server certificate/private-key which perhaps contain a RSA-key not equal to 1024 bits. For instance Netscape Navigator 3.x is one of those browsers. • Why does my 2048-bit private key not work? [L] The private key sizes for SSL must be either 512 or 1024 for compatibility with certain web browsers. A keysize of 1024 bits is recommended because keys larger than 1024 bits are incompatible with some versions of Netscape Navigator and Microsoft Internet Explorer, and with other browsers that use RSA’s BSAFE cryptography toolkit. • Why is client authentication broken after upgrading from SSLeay version 0.8 to 0.9? [L] The CA certificates under the path you configured with SSLCACertificatePath are found by SSLeay through hash symlinks. These hash values are generated by the `openssl x509 -noout -has
