I guess GoDaddy, Thawte, DigiCert and StartSSL (and probably others) are not signing SSL certs with their root key, but rather they have an intermediate cert that they sign, and then use that intermediate cert to sign the SSL certs they issue.
http://en.wikipedia.org/wiki/Intermediate_certificate_authorities http://www.whichssl.com/intermediate_certificates2.html http://support.godaddy.com/help/article/868/what-is-an-intermediate-certificate I think there should be a way to combine the "normal" site SSL cert and the intermediate cert into a single file, and let OpenSSL handle it from there, but I haven't had any luck: http://www.geeklab.info/2011/01/how-to-use-chained-ssl-certificates/ StartSSL (startssl.com) issues free certs, which could be used for testing. Thanks, Jordan On Fri, 21 Sep 2012 12:25:25 -0600, Jay McCarthy <jay.mccar...@gmail.com> wrote: > I don't know what they are, so I presume that it doesn't support them. > If you can give me some docs or test cases to work with, I could see > how difficult it is to implement. > > Jay > > On Fri, Sep 21, 2012 at 11:24 AM, Jordan Schatz <jor...@noionlabs.com> wrote: > > > > I have an SSL certificate that depends on an intermediate certificate, but I > > cant find anything in the documentation on how to tell the web server that > > my > > cert needs the intermediate certificate... Are intermediate certificates > > supported? anyone know of a work around? > > > > Thanks, > > Jordan > > ____________________ > > Racket Users list: > > http://lists.racket-lang.org/users > > > > -- > Jay McCarthy <j...@cs.byu.edu> > Assistant Professor / Brigham Young University > http://faculty.cs.byu.edu/~jay > > "The glory of God is Intelligence" - D&C 93 ____________________ Racket Users list: http://lists.racket-lang.org/users
