On Thu, May 03, 2012, Tammany, Curtis wrote: > Well... > If by "trusted store" you mean my one cert file pointed to by > SSLCACertificateFile, then yes I added the Common Policy, SHA-1 Federal Root > CA and DoD Interoperability Root CA certs to the cert file on my development > site and increased the depth. I got a user with a long cert chain to try to > access the dev site and they could! But those with a short chain like myself > could not access the dev site any more. >
Try just including the Common Policy CA none of the others. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
