In article <[EMAIL PROTECTED]> you wrote:
> Matthew Enger wrote:
>>
>> I am running openssl-0.9.2b and have sucessfully generated a
>> certificate I wish to use for a authority. I was following some old
>> instrcutions for createing a CA under SSLey and was wondering if I still
>> need to ca-fix a certificcate in order for it to work on netscape.
>>
>> I run Netscape at home and it seems to accept the certificate
>> fine, but I want to check before I have problems latter down the line.
>
> The new extension code can handle any extensions ca-fix can and several
> it cannot. The only case where ca-fix may still be useful is if you use
> 'x509' to sign a certificate request instead of 'ca' or 'req -x509'. In
> the current snapshot 'x509' is handled as well. The new options are
> documented in doc/openssl.txt
Oh, Steve: I totally forgot to give you feedback that with our latest OpenSSL
state ca-fix is really obsolete. I was able to finally kick it out and replace
it with the new 0.9.3 stuff for mod_ssl. Thanks for your work on this.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
