On 5/26/2004 4:35 PM, Sander Smith wrote:
Thanks for your help but my question wasn't answered. I understand
certificate chains - I even created some long ones. My question is about
SSL specifically. The way I understand the SSL handshake, the server only
sends a certificate to the client - ther
SSL v2 could only send 1 certificate. SSL v3 and TLS can send
arbitrarily-length certificate chains (the client doesn't ask for it,
the server sends the entire chain as part of the handshake; if you're
using client authentication then the server sends a certificate request
to the client and th
Thanks for your help but my question wasn't answered. I understand
certificate chains - I even created some long ones. My question is about
SSL specifically. The way I understand the SSL handshake, the server only
sends a certificate to the client - there is no provision to send a
certificate c
See "Certificate Chains" in
http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html#Certificates.
Sander Smith wrote:
I'm a bit confused concerning SSL certificates, and hope someone can
shed some light. In reading through the SSL spec concerning the SSL
handshake, it appears to me th
I'm a bit confused concerning SSL certificates, and hope someone can shed
some light. In reading through the SSL spec concerning the SSL handshake,
it appears to me that the certificate that authenticates my server must be
signed by a certificate that is known to the client's browser. This would