You get browser providers to add your root CA cert to their list of inherently trusted certs.
Failing that, you have your users import your root CA cert to their trusted authority list once. -----Original Message----- From: owner-openssl-us...@openssl.org on behalf of Dallas Clement Sent: Fri 5/28/2010 5:04 PM To: openssl-users@openssl.org Subject: How to make a legit CA cert? This is probably a dumb question, but if I wanted to be come the next Verisign of this world, how do I create a legitimate CA cert? I'd like to be able to create my own that passes verification without throwing errors, like "unknown CA". Thanks, Dallas ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org