I thing yours Q is about responsibility.
If CA issues for "Some Private Org" such type of certificate, which
allows (key usage) to sign other certificates, then is this CA
responsible for it.
And the other thing: if POP3S library don't check CN (what IMHO should),
then set as trusted only t
I'm not a professional C programmer, but I occasionaly use C to create
administrative "scripts". I'm sorry
if I'm asking for anything trivial and will be very thankful if You
direct me to the relevant documentation.
The question:
I'm trying to obtain SSL certificate for POP3S server of live.com to
I'm working on an implementation of the client side of OCSP stapling.
To verify the stapled information I'm using the chain leading to the
server certificate, as presented in the (repeated) verify callbacks for
the server cert.
As far as I can see I need to do this because the client is only conf
On 02/07/2013 12:30 PM, redpath wrote:
I want to create expired Certs as to address them in code.
Can you set the system date back a couple of months then create
a one-month cert (and reset the date)?
--
Jeremy
__
OpenSSL Pr
