On 02/25/11 4:28 PM, David Schwartz wrote:
On 2/25/2011 11:59 AM, Michael S. Zick wrote:
On Fri February 25 2011, Ricardo Custodio wrote:
Veja www.icp.edu.br
Interesting, I get a "server certificate fails authentication"
from the above address.
You haven't chosen to trust the CA that issued it.
Keep in mind that when the person offering advice can't get it right.
. . .
How is your decision not to trust the CA he chose to use a mistake on
his part?
the root certificate in question is not in either Google Chrome's list
of CAs, or in Mozilla Firefox's list.
"AC-SSL da ICPEDU" is the Root CA, issuing a certificate to www.icp.edu.br
The Root Certificate appears to be one locally generated...
CN=AC-SSL da ICPEDU
S=Distrito Federal
C=BR
E=go...@icp.edu.br
O=ICPEDU
O=RNP
L=Brasilia
with an issuer statement...
Os certificados da ICPEDU sao para uso exclusivo por instituicoes
brasileiras de ensino e pesquisa, e nao tem eficacia probante.
which iGoogle roughly translates as...
Certificates of ICPEDU are for exclusive use by institutions of
higher education and research, and has no probative efficacy.
So basically, this is pretty close to self-signed.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org