googledoogle (sent by Nabble.com) wrote:
this may be a stupid question on SSL excuse my ignorance if it has been asked
before:
how exactly are root certificates installed to client? assuming a SSL client-server model and only server certificate verfication is required.
for web browsers such as IE are trusted root certificate contained along with
the installation program or are they downloaded at a later time after
installation? if they are indeed downloaded, how does it prevent from
downloading through some man-in-the-middle that has swapped the root
certificate?
--
View this message in context:
http://www.nabble.com/root-certificate-installation--t883514.html#a2290035
Sent from the OpenSSL - User forum at Nabble.com.
They generally come with the browser when it is installed. It is
possible to install another trusted root cert in your browser, but it's
not done automatically. That's why companies can charge a lot of money
to give you a cert; they're generally in the "trusted root" list. For a
corporate intranet, though, it is definately possible to create and use
your own root cert. You'd just have to install it on everyone's browser
in the intranet.
The process of installation is pretty browser specific.
Lloyd Brown
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
