Why was it a problem? You would maintain a CA bundle certificate file that
included virtually all known, serious CA root and intermediate
certificates.
the problem is now that I need the most common CA's.
I currently only have VeriSign and GlobalSign and I don't know what the most
common are (for enterprise customers only)
The application would ship with this file and/or download it from your
website if (an update was) required.
That would be the customers website which I have no control over and believe
me, every step they have to do themselves results in a lot of not so
friendly mails ...
Self-signed certificates have to be accepted/trusted once by users,
for a persistent trust add them to the certificate directory.
Self-signed certificates are not allowed here
Maintaining all implemantations is not an easy task.
A customer implementation is splitted over several locations and a typical
implementation has about 12 different servers worldwide, has about 20
different applications and about 70 webservices working together.
Of course, each customer has it's own url's and certificates.
It's not that we can't set our own specifications though: for the
certificates we can give them a choise of the supported CA's from which they
can choose.
I don't want to limit the choise between VeriSign and GlobalSign either.
Do you know where I can find the most common CA's ?
thanks
Paul
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
