I'm rather new to the SSL world, but I have a simple issue. I paid big $$$ to Verisign for a Certificate for my web server. It seems to me that the only reason I had to pay big $$$ is because Microsoft lists Verisign as a Trusted CA. Of course, the reason for this is so Verisign can "Identify" who I am, which I must say, is not verification. They took my Hotmail Email Address, and a Wire Transfer from Western Union. I never had to provide my identity.
Can I do the following? Issue an openSSL certificate to another server, from the server where I installed the expensive Verisign certificate? My hope is that the certificate I issue will establish a chain of trust back to verisign, thus, users won't get that silly popup window in their browsers saying the site is dangerous, etc etc. I don't think my certificate is dangerous just because I have not paid Microsoft massive amounts of money to consider me a CA. Is their any way to do this? Thanks. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]