Well, it was worth a try. ;) Time to fork over the 200 large or whatever it is to become a CA. (I'm from Chicago, we talk like that).
----- Original Message ----- From: "Rich Salz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002 8:31 PM Subject: Re: OpenSSL Chain Of Trust > > I want to issue certs off the purchased cert so that I don't have to keep > > purchasing them. Is this possible, and, Kevin, is this Legal? > > It is possible; you can use the cert as a CA cert. > Is it legal? Probably, it depends on what is in the agreement you have > with Verisign. > > Will it work? No. The cert that Verisign signed is (on purpose!) > missing the keyUsage bits and/or other markings that identify it as a CA > cert. Nobody will recognize your SSL cert as a cert-signing cert, so > they won't accept it as such. > /r$ > -- > Zolera Systems, Securing web services (XML, SOAP, Signatures, > Encryption) > http://www.zolera.com > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
