Rene Hollan wrote: > I guess I'm just dense and stupid. Won't that fail since the CA > IC cert won't be signed by the CA cert identified as it's issuer?
Yeah, I think you're right. I made the same mistake I was trying to convince the OP not to make -- thinking that CAs sign certificates. The public IC will be signed by the wrong key and there's no way to produce a signature signed by the right key. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
