Hi, I apologize to all for not looking into this more, before asking. It isn't just a matter of adding the proper extensions. The various browser software actually has the corporate policy OID hard coded into the browser code. At first glance I would never of thought this, as the delay to getting your product to the web market may be a factor. Again unless you pay outrageous fees for basically getting a notary seal from one of the certificate CA's that have their policy already in place or you're out of luck!
Again it's not the fact you have to meet the guidelines, my issue is with the fees places like (no names mentioned) charge for certificates. I do think they should get paid for work done, but I don't think the current fees are in proportion with the product / service provided... Sorry if I offended anyone, Rick (Aka; Gumbie) -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of David Schwartz Sent: Thursday, September 23, 2010 7:56 PM To: openssl-users@openssl.org Subject: Re: Creating Extended Validation SSL Certificates On 9/23/2010 7:16 AM, Gumbie wrote: > Can someone explain what is needed to create and EV (Extended > Validation) Certificate? I have been trying to research this and have > found limited information on this. Only one document that was of any > help -àhttp://www.cabforum.org/EV_Certificate_Guidelines.pdf. > > My issue is with OpenSSL and adding the needed additional OIDs to the > certificate. > > Thanks in advance, > > Gumbie > Either request them from any CA that offers them or yourself make a CA that follows the EV guidelines. The whole point of EV certificates is that you cannot create them without going through extended validation. By design, there is no way to bypass this requirement. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
<<attachment: winmail.dat>>
