Francisco Javier Arias González wrote:
 I have:

Two CA certificates. (CA1 , CA2) (not well known CA)
One client certificate of CA1.

Ask option enabled.

If a http server have a certificate of CA1, mozilla send client certificate. If a http server have a certificate of CA2, mozilla do not send client certificate.

We ( operate a website on apache that uses certificates from ourselves, but only accepts certificates for authentication purposes from a different CA.

As long as the certificate for the website is trusted in the browser and you don't need to chain the following simple example is how we did it.


Best regards,
 Duane - Free Security Certificates - Think globally, network locally - Telecommunications Freedom - Sell your photos over the net! - Using Enum.164 to interconnect asterisk servers

"In the long run the pessimist may be proved right,
    but the optimist has a better time on the trip."
mozilla-crypto mailing list

Reply via email to