From: owner-openssl-us...@openssl.org On Behalf Of David Coulson
Sent: Wednesday, 30 March, 2011 10:24
On 3/30/11 8:33 AM, Crypto Sal wrote:
David:
Firefox caches that information, so that it can use them
later if you
view a similar certificate hierarchy.
If you view the Firefox
On 03/29/2011 01:16 PM, David Coulson wrote:
On 3/29/11 12:58 PM, Bruce Stephens wrote:
Add the -showcerts option to the s_client commands and you'll see the
first server returns a chain of certificates where the second offers
only the end server certificate.
Okay, I see that - Makes sense.
On 3/30/11 8:33 AM, Crypto Sal wrote:
David:
Firefox caches that information, so that it can use them later if you
view a similar certificate hierarchy.
If you view the Firefox Certificate Manager you should see Software
Security Device vs. that of Built in Object next to each of the
Probably missing something simple, but I'm having a tough time
validating the CA chain for a certificate. There is a second
certificate, seemingly signed by the same CA which does validate.
I'm not sure how useful this tool is, but it seems to indicate both
certs were signed by the same CA.
David Coulson da...@davidcoulson.net writes:
[...]
OpenSSL has other ideas. First one validates fine, second one does
not. I can't for the life of me figure out what the difference is.
Any ideas?
Add the -showcerts option to the s_client commands and you'll see the
first server returns a
On 3/29/11 12:58 PM, Bruce Stephens wrote:
Add the -showcerts option to the s_client commands and you'll see the
first server returns a chain of certificates where the second offers
only the end server certificate.
Okay, I see that - Makes sense. When I hit the hostname w/ Firefox I'm
able to
David Coulson da...@davidcoulson.net writes:
On 3/29/11 12:58 PM, Bruce Stephens wrote:
Add the -showcerts option to the s_client commands and you'll see the
first server returns a chain of certificates where the second offers
only the end server certificate.
Okay, I see that - Makes sense.