> From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> Sent: Friday, 22 October, 2010 13:04
> On Thu, Oct 21, 2010 at 7:52 PM, Dave Thompson
wrote:
> Do as sandeep said. Create your own private CA with OpenSSL.
You issue
> certs to clients (w
erisign, Thawte,
>> whoever.
>>
>> If you plan to start your own SSL issuing service, then this is a
>> different
>> story, you will need to look at WebTrust compliance as a starting point.
>>
>> -Eduardo
>>
>> -Original Message- From: Mounir
> If you plan to start your own SSL issuing service, then this is a different
> story, you will need to look at WebTrust compliance as a starting point.
>
> -Eduardo
>
> -Original Message- From: Mounir IDRASSI
> Sent: Friday, October 22, 2010 2:26 PM
> To: open
: error: unable to get local issuer certificate
Hi Ariel,
If you want to avoid browsers warning, your only option is to get a
valid certificate for your users from a commercial CA. You can get them
for free from StartSSL for example (http://www.startssl.com/).
If you represent an organization, then
Hi Ariel,
If you want to avoid browsers warning, your only option is to get a
valid certificate for your users from a commercial CA. You can get them
for free from StartSSL for example (http://www.startssl.com/).
If you represent an organization, then you can try to qualify for the
intermed
Hi Dave, thanks for your reply but...
On Thu, Oct 21, 2010 at 7:52 PM, Dave Thompson wrote:
> > From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> > Sent: Thursday, 21 October, 2010 16:34
>
> > On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
> wrote:
> >
> From: owner-openssl-us...@openssl.org On Behalf Of Ariel
> Sent: Thursday, 21 October, 2010 16:34
> On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
wrote:
> mydomain.com.crt is an End-Entity certificate and not a CA
cert.
> So basically you mean that I
On Thu, Oct 21, 2010 at 12:44 AM, sandeep kiran p
wrote:
> mydomain.com.crt is an End-Entity certificate and not a CA cert. You need a
> CA certificate to sign and issue EE certs. CA certs at minimum should have
> BasicConstraints extension with CA:true and KeyUsage extension with certsign
> bit s
mydomain.com.crt is an End-Entity certificate and not a CA cert. You need a
CA certificate to sign and issue EE certs. CA certs at minimum should have
BasicConstraints extension with CA:true and KeyUsage extension with certsign
bit set.
So you either need to get a CA cert from GoDaddy or setup a t
On Wed, Oct 20, 2010 at 11:10 AM, sandeep kiran p
wrote:
> Is *mydomain.com.crt a CA cert? Does it have Basic Constraints with
> CA=true? Does it also have the certsign bit set in the KeyUsage extension?
> *
> *
> *
> *-Sandeep
> *
>
> Hi Sandeep,
The cert I got from GoDaddy doesn't has "CA=true"
Is *mydomain.com.crt a CA cert? Does it have Basic Constraints with CA=true?
Does it also have the certsign bit set in the KeyUsage extension?*
*
*
*-Sandeep
*
On Wed, Oct 20, 2010 at 5:27 PM, Ariel wrote:
> Hi group
>
> I'm having problems trying to use a certificate I got from GoDaddy (it's a
>
Hi group
I'm having problems trying to use a certificate I got from GoDaddy (it's a
wildcard cert) to sign client certificates requests and then validate them.
This is my actual environment:
- *mydomain.com.key* --> The private key used to request the GoDaddy's
cert
- *mydomain.com.crt*
Shivakumar Balur escribió:
Hi All,
Please provide any solution for
error:
Response Verify Failure
4:error:27069065:OCSP routines:OCSP_basic_verify:certificate
verify error:ocsp_vfy.c:122:Verify error:*unable to get local issuer
certificate*
resolve.pem: unknown
This Update: Sep
description is provided in below mail
Advance Thanks & Regards,
Shivakumar
- Original Message -
From: Shivakumar Balur
To: openssl-users@openssl.org
Sent: Thursday, September 11, 2008 6:43 PM
Subject: Error: unable to get local issuer certificate!!!
Hi,
Mail is quite big with descrip
Hi,
Mail is quite big with description. please read through and help me.
Below are the configuration and execution done for OCSP request and response.
*what is the reason for error?
* what is the solution for error?
Any reply is appreciated.
:)
I have provided even folder structure because, e
s:
VERIFY ERROR: depth=0 error=unable to get local issuer certificate:
/C=AU/O=CSFB/OU=Equities/0.9.2342.19200300.100.1.1=TradeView-Asia/CN=TradeVi
[EMAIL PROTECTED]
SSL_accept : error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned
I think After getting the client certifica
16 matches
Mail list logo