Whilst investigating what can be done with X-509 certificates, it occurred
to me that maybe having separate, role-based, signing certificates for the
likes of E-Mail/SSL. So I went ahead, created my root (no problems), made
another certificate that was not a CA (but sign-only) and signed that with
the root and finally created a personal one. All this imported marvelously
into Internet Exploder, but when it came time to do the same with Netscrape,
things fell apart in the middle.
Is would appear that it is impossible to import a "web server certificate"
into Netscape without it being served by a web server - correct ? The MIME
hack to get the root CA in with a "double click" appears not to work for
application/x-x509-server-cert.
Are there any other avenues worth exploring that are likely to bear fruit
here ?
Thanks,
Darren
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
