> From: owner-openssl-us...@openssl.org On Behalf Of Suresh
> Sent: Tuesday, 26 October, 2010 10:41
> Probably I was not clear in my question.
> When I have several certificates like server cert + key,
intermediate
> and root and want all them to bundle in
Probably I was not clear in my question.
When I have several certificates like server cert + key, intermediate and
root and want all them to bundle in a single file say, PKCS#12.
Is there a specific sequence to bundle them?
For example:
first option = key + server cert + intermediate + root
seco
Thank you for a detailed reply Dave.
> There is a standard ASN.1 structure, PKCS#7 aka Cryptographic
> Message Syntax or CMS, which can carry multiple certs and/or CRLs
> in DER (or PEM-ified single DER, as opposed to PEM concatenation)
> and is fairly commonly used for that purpose.
This makes m
> From: owner-openssl-us...@openssl.org On Behalf Of liv2luv
> Sent: Tuesday, 19 October, 2010 11:26
> I am new to SSL and Certificates.
>
> I have generated a CSR and certificate for signing. In return
> I've got three
> certificates.
>
> a. Root CA's certificate
> b. Intermediate Certificate
ext:
http://old.nabble.com/Certificate-chaining-tp3000p3000.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Ma
Hi Steve. I think I can help you on this one. Give me a call at 215-538-3535
and ask for Tom Nichols.
Steve wrote:
> Hello All,
>
> I have a question regarding the use of certificates in IE 5+ and Netscape
> 4.7+. We have written a small customised SSL web server using OpenSSL,
> etc... This web
Hello All,
I have a question regarding the use of certificates in IE 5+ and Netscape
4.7+. We have written a small customised SSL web server using OpenSSL,
etc... This web server is only to be made available to employees of the
customer company, using SSL to secure the link and a login mechanism
Jan Meijer wrote:
> You could have a point here. I was fooling around with a test certificate
> that is signed by our root CA (the SURFnet PCA). With this test-certificate
> I signed client certs and I had problems verifying the client certs. The
> troubles went away after including the PCA cer
> Check out the docs in the latest snapshot, particularly the verify and
> x509 commands. They explain how things operate in the snapshot and
> pretty much how 0.9.5 will do things.
Thanks. Think I can find the time somewhere this week :) When the
organisational reshuffles are over and I'm stil
Dr Stephen Henson wrote:
> Andrew Cooke wrote:
> > However, it seems to me that it would be better if the verifier had only
> > the root CA certificate, and the verifiee supplied not just its
> > certificate, but the intermediate certs in the chain. In this way, the
> > verifier would not need
Andrew Cooke wrote:
>
> Hi,
>
>
> However, it seems to me that it would be better if the verifier had only
> the root CA certificate, and the verifiee supplied not just its
> certificate, but the intermediate certs in the chain. In this way, the
> verifier would not need updating if intermedia
Hi,
I've been looking around and can't see an answer to this, but if one
exists, please point me to it rather than posting again...
I have been playing with certificate chaining (signing certs that are
signed by a certificate signed by a certificate signed by ... a
self-signed certif
12 matches
Mail list logo