DERMINIO, MARLENE wrote:
>
> >What is the URL of the offending server so we can take a look?
>
> https://mohost.moric.org/secret2.html
>
Interesting. My version of Netscape also complains.
I think the problem may be that Verisign is now using a new intermediate
CA which ends in one of the standard trusted CA roots (class 3 I'd
guess). The server is just sending the server certificate.
What you need is the new intermediate CA and then add it to the server
so it sends it. This might have been part of the stuff they sent when
you purchased the cert or you might have to obtain it from their site
somewhere.
What should happen then is that browsers will see the new intermediate
CA and see that its issuer is trusted. Then it will recognise the chain
as trusted.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
