Hi,
> we use Apache/1.3.9, mod_ssl/2.4.10, OpenSSL/0.9.4 with a new global server id
> from verisign.
> further we use the actual intermediate which verisign provides at it's website.
> if a browser, i.e. Netscape 4.7 disables ssl v3 than the client gets the
> security warning 'Netscape does not recognize the
> authority who signed its Certificate'.
> if ssl v3 is anebled, everything works fine, the ca is recognized by both
> browsers.
That is because what you are doing is called 'certificate chaining' and came
aboard with sslv3.
No sslv3, no chaining.
Jan
--
alive ~ true
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]