hi!
have a (urgent :-) problem: using apache with mod_ssl:
have a chain of: CA1 - CA2 - CA3 - server
Client (MSIE5.0) could successfully verify the complete chain.
now the certificate of CA3 expired, so the CA2 signed the same request
CA3 sent a year ago again. I built a new chain file, and
openssl s_client etc... shows the new certificates are delivered,
but...
the client (MSIE 5.0) now says that the chain could not be verified.
Client cannot even verify CA3. Is there a cache? Did I something wrong
with the resigning of the request? Is there another way of handling expired
CAs.
TIA.
Ralf Wigand
--
[EMAIL PROTECTED]
Webmaster - MicroBIT - CA-Leiter - RZ-Pools
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
