I have the same problem probably. I'm also using ITISSL, and as of midnight Jan
1, I get a "certificate expired" error... I found the file certs/vsign3.pem,
and my most immediate question is: How do I replace the certificate. That is,
do I need to specify somewhere the name of this file? D
Related questions:
1. How can I produce the certificate chain that M. Striebeck has produced in a
prev. posting?
2. How is it possible to tell that a certificate (the last in the chain for
Striebeck) is expired?
2. How do I create my own certificate?
3. In general: Is there a good source of user documentation (as opposed to API
documentation which is easy to find)?
I would very much appreciate any help.
Thanks,
Alon
Dr Stephen Henson <[EMAIL PROTECTED]> on 01/04/2000 08:32:51 PM
Please respond to [EMAIL PROTECTED]
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
cc: Mark Striebeck <[EMAIL PROTECTED]> (bcc: Alon Koren/MN/Unitedmail)
Subject: Re: Problems with Java SSL API
Your verisign root CA has expired: this is the last one in the chain.
You should replace it with a newer version, you can get this from
several places including certs/vsign3.pem in later versions of OpenSSL
or if you have MSIE you can export it using the base64 encoded option.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
