On Mon, Mar 12, 2007 at 06:29:36PM +0100, Marek Marcola wrote:
> > 1) Do I have concatenant all "Trusted Root" in to one cert ?? ( cat
> > root1 root2 root3 > root) ?
>
> No, but you should execute c_rehash in that directory.
Speaking of "c_rehash" has anyone looked into fixing the script so that it
is safe to run on live systems? Currently it removes all the "hash" links
before building new ones, even for CAs that have not changed. A client
or server checking the trust chain during "c_rehash" may incorrectly fail.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
