Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

2015-12-13 22:57 GMT+01:00 Salz, Rich : > >> And we don't know on which client OP will have to use that pem file, thus >> give advise that works on all clients, not just OpenSSL or GnuTLS or >> whatever. > > It is quite reasonable to give openssl-specific answers on the

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

On 12/12/2015 22:23, Dominik Mahrer (Teddy) wrote: Hi everyone My question is: How can I set up a bundle of commercial root CA certificates? Exactly this the same question I found as FAQ # 16 (User). But as answer there is only explained that openssl will not serve a bundle. But it is not

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

2015-12-13 3:53 GMT+01:00 Viktor Dukhovni : > > In other words, you can concatenate all the trusted root CA > certs into the "cert.pem" file in that directory, but this > has a performance cost, as all the certificates are loaded > into memory and parse even though most

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

On 13.12.2015 11:34, Ben Humpert wrote: 2015-12-13 3:53 GMT+01:00 Viktor Dukhovni: In other words, you can concatenate all the trusted root CA certs into the "cert.pem" file in that directory, but this has a performance cost, as all the certificates are loaded into

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

> On Dec 13, 2015, at 5:34 AM, Ben Humpert wrote: > > 2015-12-13 3:53 GMT+01:00 Viktor Dukhovni : >> >> In other words, you can concatenate all the trusted root CA >> certs into the "cert.pem" file in that directory, but this >> has a performance cost,

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

2015-12-13 20:27 GMT+01:00 Viktor Dukhovni : > > This is both wrong and irrelevant. The OP should proceed as instructed. > OpenSSL's CAfile feature reads multiple certificates from a single file. Exactly that is the point. Only "linux based" tools will be able to read

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

> And we don't know on which client OP will have to use that pem file, thus > give advise that works on all clients, not just OpenSSL or GnuTLS or whatever. It is quite reasonable to give openssl-specific answers on the openssl-users mailing list, isn’t it?

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

> On Dec 12, 2015, at 4:23 PM, Dominik Mahrer (Teddy) wrote: > > How can I set up a bundle of commercial root CA certificates? > Exactly this the same question I found as FAQ # 16 (User). But as answer > there is only explained that openssl will not serve a bundle. But it is

[openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

Hi everyone My question is: How can I set up a bundle of commercial root CA certificates? Exactly this the same question I found as FAQ # 16 (User). But as answer there is only explained that openssl will not serve a bundle. But it is not explained how to set up a bundle - but exactly this I

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

Hi, so if I understand you correctly you want to create one file that contains more than one CA certificate and can be installed onto Windows, Mac, etc.? You only can do that if you create a p12 file and that must contain a leaf certificate and its private key. openssl pkcs12 -export -in

Re: [openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

On Sat, Dec 12, 2015 at 10:23:38PM +0100, Dominik Mahrer (Teddy) wrote: > Hi everyone > > My question is: > How can I set up a bundle of commercial root CA certificates? > Exactly this the same question I found as FAQ # 16 (User). But as answer > there is only explained that openssl will not