subject:"Re\: being my own ca"

Re: being my own ca

2011-08-25 Thread Craig White

at 3:43 PM, Eduardo Navarro wrote: > What EKU are you using for the HTTP server cert? > > Sent from my Windows Phone > > From: Craig White > Sent: 8/24/2011 6:03 PM > To: openssl-users@openssl.org > Subject: Re: being my own ca > > Def

RE: being my own ca

2011-08-25 Thread Eduardo Navarro

What EKU are you using for the HTTP server cert? Sent from my Windows Phone From: Craig White Sent: 8/24/2011 6:03 PM To: openssl-users@openssl.org Subject: Re: being my own ca Definitely there in Keychain_Access.app and specifically indicated to 'Always

Re: being my own ca

2011-08-24 Thread Craig White

Definitely there in Keychain_Access.app and specifically indicated to 'Always Trust' for everything (trying a shotgun approach) Now that obviously doesn't work for Firefox but apparently Chrome uses Keychain_Access for certificate management and it still tosses the alert. Chrome Definitely there

Re: being my own ca

2011-08-24 Thread Eduardo Navarro

You need to have your Root CA certificate (the one used to issue the intermmediate CAs and the HTTP cert) to be added to the Trusted Root Certificates store. Firefox manages this separately, same as Apple. Apple needs to add the CA to the Keychain as a trusted root. Firefox, you need to add it