I created a root CA and a subCA with its certificate signed by the root CA, I copied the root CA certificate to $SUBCA_INSTALL_PATH/openca/var/crypto/chain/rootca.crt then selected the "rebuild CA chain" option in the initialization menu on the subCA web interface then I got a success message and the following output:
cacert.crt ... e4e1fcfc.0 rootca.crt ... 853f9f3d.0 The problem is that client software (I'm using Internet Explorer) trusting the root CA don't accept certificates signed by the subCA because the signer is untrusted. Is this behavoir correct? I suppose something is going wrong with the information about the CA chain in the certificate, but I'm not sure what should I check. Any hints? Thanks. Alessandro. ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
