Hi,
>From RFC2246 (TLS V1.0)
certificate_list
This is a sequence (chain) of X.509v3 certificates. The sender's
certificate must come first in the list. Each following
certificate must directly certify the one preceding it. Because
certificate validation requires that root keys be distributed
independently, the self-signed certificate which specifies the
root certificate authority may optionally be omitted from the
chain, under the assumption that the remote end must already
possess it in order to validate it in any case.
In mod_ssl there is a chain for client auhentication
(SSLCACertificatePath,
SSLCACertificateFile ), but i do not see where to configure the chain
for the server certificate.
Is there somewhere a possibility to configure this chain to send with
the server certificate ?
Marc Jadoul
