[thelist] SSL Certificate Choices
Joshua Olson
joshua at waetech.com
Mon Jan 28 05:12:17 CST 2008
> -----Original Message-----
> From: Ken Schaefer
> Sent: Sunday, January 27, 2008 8:18 PM
>
> Are you kidding?
>
> And *no* you can't just put the whole intermediate chain on
> your server and avoid a warning. The root CA's cert must in
> the user's trusted cert store.
Ken,
Thank you for adding a bit of clarity here. When I said "all that is
required to avoid the message is to put the intermediate certificates (the
whole chain) on the server" I was excluding the roots, which already must be
on the client machine. My wording may have made it a bit confusing when I
added in "the whole chain"--referring to the chain of intermediates.
Kind regards,
Joshua
More information about the thelist
mailing list