Verifying the Certificate

Now that the CA's certificate is installed, you should be able to connect from the client Web browser.

Note: These steps are applicable if you are using Internet Explorer (version 9); steps required for other versions of Internet Explorer or other browsers may differ.
  1. Try to connect again. In the Web browser, enter https://localhost:9443.
  2. Read the security alert again. This time it shows only one problem, which is that the name in the certificate doesn't match the URL you tried to connect to. This is a warning that the certificate might not have come from the desired Web site, but from another Web site masquerading as it.
    Note: Most modern browsers require Subject Alternative Names which DemoCA does not currently support. Even if you browse to the CN of the certificate (for example, https://machine-name:9443) which you can get by running openssl x509 -in srvcert.pem -text -noout, you will still see a warning.
  3. Since this is in fact the desired Web site, click Continue to this website (not recommended) .

    The connection is made, and HTTPS Echo sends a page with identification details to your browser, confirming that the connection has been made successfully. It is normal for most of the strings to be empty, as shown.