> As far as the free 3rd party signing my certificate, I understand your > point. So, I'll have just have to have my users set up there web > browser to > trust the certificate I email to them. > > Thanks to all for your help. Much appreciated.
Another possible solution is to put your certificate up for download on a secure web server that has a certificate signed by a CA they already trust. Email, unless signed or otherwise protected, is not a very secure way to send someone a certificate you expect them to trust, especially if it's a CA certificate. Another possibility is to create a "certificate installer" application and sign it with a code-signing key. That won't work for all platforms, but if you're only targetting Windows, that might be a solution. If it's not a CA certificate, you're putting your users through a lot of trouble just to save $15. If it is, you need to go to more trouble not to put your users at risk. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
