Ben Laurie <[EMAIL PROTECTED]>:
> Salz, Rich wrote:
>>> Suppose of certs A,B,C, that C signs
>>> B and B signs A. A is the final cert and lists B as issuer, so B
>>> must sign A. But B might also be signed by D. So either of the
>>> chains C,B,A or D,B,A would be valid. This can only work if
> Something fancier might be appropriate. There may be
> situations where a different chain is needed depending on
> the browser type. Is it even possible to detect the browser
> type before sending the cert chain?
Huh? Unless I've missed something, the c
Bodo Moeller wrote:
>
> "Ralf S. Engelschall" <[EMAIL PROTECTED]>:
>
> [...]
> >> In SSLeay 0.9.1b, Eric added a function SSL_CTX_add_extra_chain_cert
> >> that allows to cleanly build the chain for the server certificate.
> >> I'm afraid, though, that mod_ssl doesn't use it as of yet.
>
> > Wh
Paul Rubin wrote:
>
> > What do you suggest for supporting this in mod_ssl, Bodo?
> > Via an explicit SSLCACertChain or whatever directive? Or implicitly?
>
> The behaviour that makes most sense, I think, is if you just have to
> append the CA certificate(s) to th
Paul Rubin schrieb:
>
> > What do you suggest for supporting this in mod_ssl, Bodo?
> > Via an explicit SSLCACertChain or whatever directive? Or implicitly?
>
> The behaviour that makes most sense, I think, is if you just have to
> append the CA certificate(s) to
> Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
> which uses ssleay (forerunner of openssl).
You should send your message to your vendor; [EMAIL PROTECTED] if you are in
the USA or [EMAIL PROTECTED] elsewhere.
Mark
> What do you suggest for supporting this in mod_ssl, Bodo?
> Via an explicit SSLCACertChain or whatever directive? Or implicitly?
The behaviour that makes most sense, I think, is if you just have to
append the CA certificate(s) to the usual certificate file.
Some
> Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
> which uses ssleay (forerunner of openssl).
You should send your message to your vendor; [EMAIL PROTECTED] if
you are in the USA or [EMAIL PROTECTED] elsewhere.
I'm perfectly aware of that and
Paul Rubin wrote:
>
> > Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
> > which uses ssleay (forerunner of openssl).
>
> You should send your message to your vendor; [EMAIL PROTECTED] if
> you are in the USA or [EMAIL PROTECTED] elsewhere.
>
Paul Rubin <[EMAIL PROTECTED]>:
> Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
> which uses ssleay (forerunner of openssl).
> I'm having a lot of trouble and found some messages about GlobalID's
> in the sw-mod-ssl and openssl-users archives so I thought I'd ask for
> advi
[This is mostly the same message as one I just sent to the modssl
mailing list, so sorry if you've seen it twice.]
Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
which uses ssleay (forerunner of openssl).
I'm having a lot of trouble and found some messages about GlobalID's
i
11 matches
Mail list logo
