> thanks for the fast replies! When you want to make your own non-EV CA > recognized by the browser, it's easy, you just have to import your CA > as trusted root, then it works. Isn't there a similar way for EV CAs, > like producing your EV CA and simply adding it to the trusted root of > the browser? Is it much more complicated? > > Thanks, > Jakob
Your question is "how can I make an extended validation certificate without extended validation"? The answer is -- you can't, because going through extended validation is what makes an EV certificate an EV certificate. Now, if your question is "how can I trick a browser into thinking a certificate is an EV certificate when it isn't", the answer would be that you'd have to exploit some bug or defect in the browser. No such bugs or defects are known, and if any were know, they would be fixed. What is your actual problem? DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]