On 2/3/2010 8:33 AM, Farhan Ahmed wrote:
I have installed a new entrust SSL certificate for a site. It looks like that the root certificate is now present in all the browsers and I need to install the Chain certificate for it. I am using the following but it seems like the users are still getting prompted for the untrusted certificate.Cert "/usr/local/openssl/certificate.cert.pem" CAlist "/usr/local/openssl/ca.crt"
I think CAlist isn't what you need, just use the cert directive, and 'cat' the intermediate cert onto your own. So:
$ ca foo.key foo.crt intermediate.cert > foo.pem That's all there is to it. -- Dave Steinberg -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
