I thought similar, but it becomes more strange;
if the webserver uses a certificate that is signed from a CA with built
in token, then this needn't be;
and in case it is signed from my internediate certificate, this doesn't
help ...
Greetings,
Walter
On 07.10.2013 09:39, Mat Arge wrote:
Just a wild guess: If you click on "edit trust" on the root certificate in
Firefox, you have to tick the box for web server certificates.
cheers
Mat
On Friday 04. October 2013 21:29:57 you wrote:
Hello,
there exists a self signed root CA certificate (A)
one intermediate CA certificate (B)
and this intermedia certificate has signed a SSL certificate (C) of a
web server;
the SSL certificate has in its 'Authority Information Access' extension
the URL to the
intermediate CA certificate, and the intermediate CA certificate has in
this extension the URL to the root CA certificate;
every certificate is stored in DER format;
in case the certificate database of the browser has only the root CA
certificate and I surf to this webserver
which itself sends the whole certificate chain; why does this work
without errors only in IE, and not in FireFox?
if the root CA certificate is a built-in token; then this works in
Firefox, too;
why this strange behaviour?
Thanks,
Walter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
