"Auteria Wally Winzer Jr." wrote:
>
> So, in a nutshell openssl doesn't have the ability to create 128-bit
> self-signed CA's?
>
There's no such thing as a "128-bit self-signed CA". The certificates
that are advertised as "global server" or "SGC" or "step up" are little
different to ordinary certificates and OpenSSL *can* create them.
That wont help though because they need their root CAs hard coded into
the browser software as trusted "global server" certificates.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
