Are Hoel wrote:
> I've seen a few websites having "installable" certificate, i.e. when you
> connect to the secure site (for the first time) it asks if you want to
> install the certificate. Then, the next time you go to the same site it
> automaticly starts the secure connection, without question. When I do a
> standard install of apache with mod_ssl I have no posibility to install,
> just accept. I follow all the normal steps; make certificate type=custom,
> make install. Is there something I'm missing?
There is nothing like an "installable certificate". Actually the user
should decide which Root CAs he trusts. The popular browsers take away
this responsibility from the user and declare some root CAs trusted by
default. When you enter a SSL website that has a certificate which was
signed by a CA not contained in the browser's list, the process you
describe starts: The browser asks you whether to trust the certificate
or not.
> Also, is there a "simple" way
> to add a new, or change, certificate, like a script?
CA.pl, contained in the OpenSSL package, is one example. There is also a
package called OpenCA, but I have not used it yet.
--
Manfred H�rtel mailto:[EMAIL PROTECTED]
http://rz-home.de/mhaertel
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
