On Wed, Nov 13, 2013 at 11:07:19PM -0500, Dave Thompson wrote:
> If certs created with openssl commandline (which OP didn't actually say)
> you can have both keyid and serial only if the issuance operation specified
> keyid[:always],issuer:always which the standard openssl.cnf doesn't.
> And in
> From: owner-openssl-users On Behalf Of Walter H.
> Sent: Tuesday, November 12, 2013 05:08
> On Tue, November 12, 2013 05:47, Alan Jakimiuk wrote:
> > Is there a way I can make all three linked?
>
> this should be the default.
>
> > ie. Cert A->Cert B->Cert C in the certification path?
> > Any
You can add a "caIssuer" entry to the "authorisInformationAccesss" extension
of cert B and C. Put an URL where you can download the issuing certificate (so
cert C has a URL to download cert B). That way, windows can automatically
fetch the intermediate certificate.
cheers
Mat
On Tuesday 12. No
On Tue, November 12, 2013 05:47, Alan Jakimiuk wrote:
> Is there a way I can make all three linked?
this should be the default.
> ie. Cert A->Cert B->Cert C in the certification path?
> Any help would be appreciated
>
can you view the certificates?
openssl x509 -noout -text -in certfile
you sho
Hi there!I am trying to create my own CA, but am having some small issues:I can
create the root CA, then an intermediate CA, both of these are linked correctly
in the certification path ie. it shows that Cert B was signed by Cert A, but
when I sign a certificate with the IA (Cert B) the signed c
