> From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> Sent: Friday, 22 October, 2010 13:04
> On Thu, Oct 21, 2010 at 7:52 PM, Dave Thompson
wrote:
> Do as sandeep said. Create your own private CA with OpenSSL.
You issue
> certs to clients (w
erisign, Thawte,
>> whoever.
>>
>> If you plan to start your own SSL issuing service, then this is a
>> different
>> story, you will need to look at WebTrust compliance as a starting point.
>>
>> -Eduardo
>>
>> -Original Message- From: Mounir
> If you plan to start your own SSL issuing service, then this is a different
> story, you will need to look at WebTrust compliance as a starting point.
>
> -Eduardo
>
> -Original Message- From: Mounir IDRASSI
> Sent: Friday, October 22, 2010 2:26 PM
> To: open
: error: unable to get local issuer certificate
Hi Ariel,
If you want to avoid browsers warning, your only option is to get a
valid certificate for your users from a commercial CA. You can get them
for free from StartSSL for example (http://www.startssl.com/).
If you represent an organization, then
Hi Ariel,
If you want to avoid browsers warning, your only option is to get a
valid certificate for your users from a commercial CA. You can get them
for free from StartSSL for example (http://www.startssl.com/).
If you represent an organization, then you can try to qualify for the
intermed
Hi Dave, thanks for your reply but...
On Thu, Oct 21, 2010 at 7:52 PM, Dave Thompson wrote:
> > From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> > Sent: Thursday, 21 October, 2010 16:34
>
> > On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
> wrote:
> >
> From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> Sent: Thursday, 21 October, 2010 16:34
> On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
wrote:
> mydomain.com.crt is an End-Entity certificate and not a CA
cert.
> So basically you mean that I
On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
wrote:
> mydomain.com.crt is an End-Entity certificate and not a CA cert. You need a
> CA certificate to sign and issue EE certs. CA certs at minimum should have
> BasicConstraints extension with CA:true and KeyUsage extension with certsign
> bit s
mydomain.com.crt is an End-Entity certificate and not a CA cert. You need a
CA certificate to sign and issue EE certs. CA certs at minimum should have
BasicConstraints extension with CA:true and KeyUsage extension with certsign
bit set.
So you either need to get a CA cert from GoDaddy or setup a t
On Wed, Oct 20, 2010 at 11:10 AM, sandeep kiran p
wrote:
> Is *mydomain.com.crt a CA cert? Does it have Basic Constraints with
> CA=true? Does it also have the certsign bit set in the KeyUsage extension?
> *
> *
> *
> *-Sandeep
> *
>
> Hi Sandeep,
The cert I got from GoDaddy doesn't has "CA=true"
Is *mydomain.com.crt a CA cert? Does it have Basic Constraints with CA=true?
Does it also have the certsign bit set in the KeyUsage extension?*
*
*
*-Sandeep
*
On Wed, Oct 20, 2010 at 5:27 PM, Ariel wrote:
> Hi group
>
> I'm having problems trying to use a certificate I got from GoDaddy (it's a
>
11 matches
Mail list logo
