On 3/30/11 8:33 AM, Crypto Sal wrote:
David:
Firefox caches that information, so that it can use them later if you
view a similar certificate hierarchy.
If you view the Firefox Certificate Manager you should see "Software
Security Device" vs. that of "Built in Object" next to each of the
certificates in question outside of the Entrust Root CA, which should
say 'Built In...'.
Understood - Is there a way to mimic this functionality with OpenSSL via
CAfile or CApath? So far not having much luck doing that. I pretty much
want to put the root & intermediate CA files somewhere and have my
s_client test utilize those for chaining, rather than what the web
server sends over.
David
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
