Re: Other sources of information.

[Jeremy]

Yeah, I've read what Reiner had to say. The thing is I've done what I'm trying to do before. Here's (hopefully) a better explantion of what I've done before and what I'm trying to do:   The original time I did this I *somehow* signed a brand new certificate with a certificate signed by thwate. I did this using sign.sh. I was in the middle of documenting this when my word document was corrupted!!   The result I wanted and the result I got was the tree in the certification path of the certificate: "thwate -> secure.3kb.net -> www.newcert.co.nz". I found these details by double-clicking on the padlock in IE, then selecting the cerification path tab.   The only problem with that is that anyone who wanted to connect to the secure port using the new certificate required the certificate to be installed on their machine. Other then that it was a valid certificate.   So as an alternative I thought that I would do the same thing, but this time name the new cert as newcert.secure.3kb.net extending off secure.3kb.net (the thwate signed cert), thus eliminating the need to install the certificate as it was still using the same domain name.   Is there any reason why I wouldn't be able to create a valid certificate with the same domain name but would be able to create a valid certificate, extending off the key signed by thwate, with a different domain name?   Perhaps I'm barking up the wrong tree altogther and what I'm trying to do now is totally different to what I achieved previously.   I hope this helps you understand what I'm trying to do. --------------------------------------------------------------- Jeremy Bradley Software Developer 3KB.COM LIMITED Suite 2 Level 1, 10 Turner Street, PO Box 74-307, Auckland, New Zealand Tel: +64 9 379 7574   Fax: +64 9 379 7821 Email: [EMAIL PROTECTED] Web: www.3kb.com