On Fri, 2016-03-04 at 15:37 +0300, ValdikSS wrote:
> Thanks for the information. It definitely doesn't work for any
> certificate, probably only for chained certificates.

What you described *was* chained certificates, wasn't it?

From the point of view of a client which only trusts the old CA, the server is presenting a chain: its own cert, followed by the "intermediate" new CA which is in turn signed by the trusted 'old CA'.

And from the point of view of a client which trusts the new CA, the server is presenting its own certificate, followed by something which can (and should) be ignored.

Major CAs have done this, haven't they, resulting in a few crypto libraries having to be modified to back up the chain and look for *alternative* reasons to trust a cert from further back.

--
dwmw2
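The cross-signing arrangement described in the message above, as an added worked example (this is editor-written code, not code from the thread, from ValdikSS or dwmw2, or from any CA or crypto library the message refers to). It builds a toy PKI with Go's standard library: an old root CA and a new root CA, a cross certificate that carries the new CA's subject and public key but is signed by the old CA, and a server leaf signed by the new CA's key. The server presents [leaf, cross cert]. `naiveVerify` is a model of the validator behaviour the message says had to be fixed (follow the presented chain to its end, then look for the root there); `anchoredAnywhere` is the simplest form of the fix (at every position, first ask whether the current certificate is already issued directly by a trusted root, and only otherwise step further along the chain); `clientVerify` runs Go's own `x509.Verify`, which already builds paths that way. The CA names and `www.example.com` are constructed for the demo, and the naive model is an illustration, not any specific library's historical code.

```go
// Added example, not from the thread: a toy PKI built with Go's standard
// library. oldCA and newCA are self-signed roots; newCACross carries newCA's
// subject and key but is signed by oldCA; leaf is signed by newCA's key.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

type pki struct{ oldCA, newCA, newCACross, leaf *x509.Certificate }

func mustCert(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

// certTemplate returns a CA template, or a server-auth leaf template for cn.
func certTemplate(serial int64, cn string, ca bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: ca, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if ca {
		t.KeyUsage = x509.KeyUsageCertSign
	} else {
		t.DNSNames, t.ExtKeyUsage = []string{cn}, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	return t
}

func buildPKI() *pki {
	oldKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	newKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	oldTmpl, newTmpl := certTemplate(1, "Old CA", true), certTemplate(2, "New CA", true)
	oldCA := mustCert(oldTmpl, oldTmpl, &oldKey.PublicKey, oldKey) // self-signed
	newCA := mustCert(newTmpl, newTmpl, &newKey.PublicKey, newKey) // self-signed
	// The cross certificate: newCA's subject and public key, issued by oldCA.
	newCACross := mustCert(certTemplate(3, "New CA", true), oldCA, &newKey.PublicKey, oldKey)
	leaf := mustCert(certTemplate(4, "www.example.com", false), newCA, &leafKey.PublicKey, newKey)
	return &pki{oldCA, newCA, newCACross, leaf}
}

// presented is what the server sends: leaf, then the cross-signed intermediate. Roots are not sent.
func (p *pki) presented() []*x509.Certificate { return []*x509.Certificate{p.leaf, p.newCACross} }

// naiveVerify models the pre-fix validator: follow the presented chain to its end,
// then require that the LAST presented cert was issued by the trusted root.
func naiveVerify(presented []*x509.Certificate, root *x509.Certificate) bool {
	for i := 0; i+1 < len(presented); i++ {
		if presented[i].CheckSignatureFrom(presented[i+1]) != nil {
			return false
		}
	}
	return presented[len(presented)-1].CheckSignatureFrom(root) == nil
}

// anchoredAnywhere models the fix: at each position first ask whether the current
// cert was issued directly by the trusted root, and only otherwise step to the next
// presented cert. Returns the chain length including the root, or 0 on failure.
// (Signature checks only; a real validator also matches names, validity, key usage.)
func anchoredAnywhere(presented []*x509.Certificate, root *x509.Certificate) int {
	for i, c := range presented {
		if c.CheckSignatureFrom(root) == nil {
			return i + 2
		}
		if i+1 == len(presented) || c.CheckSignatureFrom(presented[i+1]) != nil {
			return 0
		}
	}
	return 0
}

// clientVerify uses Go's real path builder, which tries every candidate issuer,
// roots included, at each step. Returns the length of the first chain found.
func clientVerify(root *x509.Certificate, presented []*x509.Certificate) (int, error) {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range presented[1:] {
		inter.AddCert(c)
	}
	chains, err := presented[0].Verify(x509.VerifyOptions{DNSName: "www.example.com", Roots: roots, Intermediates: inter})
	if err != nil {
		return 0, err
	}
	return len(chains[0]), nil
}
```

Called from a test or a small main, the three validators agree for the client that trusts only the old CA: all accept a three-certificate chain (leaf, cross cert, old root). For the client that trusts the new CA they diverge: `naiveVerify` rejects the chain because the last presented certificate, the cross cert, is not issued by the new root, whereas `anchoredAnywhere` and `x509.Verify` accept a two-certificate chain (leaf, new root) and simply never use the cross cert, which is the "can (and should) be ignored" behaviour the message describes. The two trust decisions come out of the same presented bytes; only the client's anchor and its willingness to stop early differ.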