Hey there: Well, the first thing to do to be able to issue EV certs and have them recognised by the various browsers is to build a CA and issuance regime that will pass an audit according to the rules from the CABrowser folks, do a proper key ceremony, and then have that audit.
And then, wait until your Root CA Cert and EV OIDs are accepted and shipped in a Browser update by the various Browser vendors. Just adding some OIDs to the server certificate is not enough. Have fun. On 2010-09-23, at 10:16 AM, Gumbie wrote: > Can someone explain what is needed to create and EV (Extended Validation) > Certificate? I have been trying to research this and have found limited > information on this. Only one document that was of any help > -àhttp://www.cabforum.org/EV_Certificate_Guidelines.pdf. > > My issue is with OpenSSL and adding the needed additional OIDs to the > certificate. > > Thanks in advance, > Gumbie --- Patrick Patterson President and Chief PKI Architect Carillon Information Security Inc. http://www.carillon.ca tel: +1 514 485 0789 mobile: +1 514 994 8699 fax: +1 450 424 9559 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
