Here the rootCA signs both myside.com and part.myside.com. So the certificate chain is as I understand as follows
rootCA -------> signs -----> myside.com rootCA -------> signs -----> part.myside.com So, this above scenario would necessiate only rootCA to verify part.myside.com. It doesn't need myside.com since myside.com does not sign part.myside.com. If you have an intermediate CA to sign part.myside.com for ex rootCA --->signs---> intermediate CA----> signs ----> part.myside.com then one has to add intermediate CA also to verify part.myside.com.....So may be you have missed out on the intermediate CA as Dr.Stephen suggested cheers and if you solve it pls let me know Pjothi On 2/13/06, Gayathri Sundar <[EMAIL PROTECTED]> wrote: > I think you should load myside.com as well onto the browser.. > as it is needed to verify part.myside.com. > > Thanks > --G3 > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Zaid > Sent: Sunday, February 12, 2006 5:33 AM > To: openssl-users@openssl.org > Subject: Certificate chain question > > > I have a root CA which is loaded on my browser, the > rootCA certify mysite.com which is also used to > certify part.mysite.com when user go directly to > part.mysite.com the browser complains because the > certifcate chain is not complete. Has anyone > experienced this problem or can perhaps explain why > this would happen? > > > Thanks, > Zaid > > ++------------------------------------------------------------++ > If we don't believe in freedom of expression for people we despise, we don't > believe in it at all. > Chomsky, Noam > > Zaid's Blog: http://drummergeek.blogspot.com > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
