Will there be still a trust problem
A signs B that signs C
User X trust A and receives C, is C trusted too?
If B expires, but C dates are still ok, and I renew B (with which opennssl command by the way) is C still valid or do I have to renew C too?
Cheers.
Franck
On Mon, 2002-05-13 at 08:11, Erwann ABALEA wrote:
On Mon, 13 May 2002, Franck Martin wrote: > I like to buy a certificate from verisign or thawte that allows me to > sign other certificates. The test certificate produced have the > extension CA:FALSE. I'm not sure if I can sign anything with this kind > of certificate, please advise... No. These certificates are not intended to sign any other entity. If you order a standard certificate, you definitely won't have a CA certificate. :) > What happens when the certificate expires, how to renew it without > having to renew other certificates? When your own certificate expires, you only need to renew it. What else would you like to renew?
