On Tue, Apr 19, 2016 at 06:46:27AM -0400, Colin Ryan wrote:
> I'm fairly certain you need the full cert path, including root and
> any intermediate certs.
> To not require this would question the whole point of the cert's.
> I don't, to be frank, understand why you want to not have the rootCA
>
> I run my own private CA with a structure like:
>
> rootCA vpnSubCA
> || vpnCertificate1
> | | vpnCertificate2
> | | vpnCertificate3
> |
> | otherCertificate1
> | otherCertificate2
> | otherCertificate3
> |
On Tue, Apr 19, 2016 at 02:07:23PM +0100, George Ross wrote:
>> I run my own private CA with a structure like:
>>
>> rootCA vpnSubCA
>> || vpnCertificate1
>> || vpnCertificate2
>> || vpnCertificate3
>> |
>> | otherCerti
I'm fairly certain you need the full cert path, including root and any
intermediate certs.
To not require this would question the whole point of the cert's.
I don't, to be frank, understand why you want to not have the rootCA
included. The server - correct me if I'm wrong - would only need the
