Thanks for you quick reply!!
> >[...]
> > Is it possible to install this CA so, that netscape accepts this for all
> > users?
> >[...]
> I don't know of any such mechanism and I also think it would be not a good one
> (because it can force the user to implicitly trust CAs he doesn't know). But
YES, exactly, the users shall be forced to thrust our CA!
> used some time ago at our Intranet: Create a wrapper for the "netscape"
> program. This does the following: When ~/.netscape/certX.db exists and this
> one is _exactly_ the default file then replace it with the extended version,
Ok, but this requires that the user hasn't accepted any other CA... But
then I'll publish a printed fingerprint of the CA for anybody ;). Usually
users don't care about compareing fingerprints, that's a pitty...
And our 4722 students have to download the cert...
By the way: I had trouble with the "new" SuExec (configure --enable is
new) - but the src/CHANGES file contains the info's I needed, thanks
again!!
Have a nice day,
Steffen
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
