[thelist] SSL Certificate Choices

Joshua Olson joshua at waetech.com
Mon Jan 28 05:12:17 CST 2008

> -----Original Message-----
> From: Ken Schaefer 
> Sent: Sunday, January 27, 2008 8:18 PM
> Are you kidding?
> And *no* you can't just put the whole intermediate chain on 
> your server and avoid a warning. The root CA's cert must in 
> the user's trusted cert store. 


Thank you for adding a bit of clarity here.  When I said "all that is
required to avoid the message is to put the intermediate certificates (the
whole chain) on the server" I was excluding the roots, which already must be
on the client machine.  My wording may have made it a bit confusing when I
added in "the whole chain"--referring to the chain of intermediates.

Kind regards,


More information about the thelist mailing list