Hi,

I am using openssl to secure a number of services in
my organization: http, imap, smtp, ldap etc...

For our internal servers we have been able to generate
CA certs with openssl and sign our own certificates
and all the services work great, EXCEPT the client
software always complains that the certificate chain
doesn't end with a trusted CA.  I am speaking
specifically about MS-outlook and netscape.  outlook
complains every single session where netscape at least
gives you the option to accept the certificate
forever.
Anyway I am sure other clients would complain too.

My question is how can I prevent these messages, how
can I get the client software to trust our own CA
cert.  On the web I searched and someone said to make
a pkcs12 client cert.. anyway I tried that in a number
of ways and it didnt work... And I really dont care
about verifying the client... I to just make the
client trust the homegrown ca.

Any help would be much appreciated.
Thanks
Zachary.


__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to