(Root Certificate) => (Intermediate Cert1) => (Intermediate Cert2) => www.mysite.com
Where (Root Certificate) is known to the client but the intermediate certificates are not. My certificate <SHOULD> be considered to be okay since it is traceable back to a trusted certificate, but the SSL handshake seems to say that this is not the case.
However, in looking at some real sites that have real certificates, I see the opposite happening. In particular I see the folowing:
Verisign => (Intermediate) => www.somesite.com
Where Verisign is known to my browser, but the intermediate certificate is not. It is of the fom:
www.verisign.com/CPS Incorp.by Ref. ... (some ofther stuff)
What is going on here? Is there a way for the the browser to get a copy of the intermediate certificate if it isn't already known to it as a trusted certificate?
Sander Smith
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]