Why was it a problem? You would maintain a CA bundle certificate file that
included virtually all known, serious CA root and intermediate certificates.

the problem is now that I need the most common CA's.
I currently only have VeriSign and GlobalSign and I don't know what the most common are (for enterprise customers only)

The application would ship with this file and/or download it from your
website if (an update was) required.

That would be the customers website which I have no control over and believe me, every step they have to do themselves results in a lot of not so friendly mails ...

Self-signed certificates have to be accepted/trusted once by users,
for a persistent trust add them to the certificate directory.

Self-signed certificates are not allowed here

Maintaining all implemantations is not an easy task.
A customer implementation is splitted over several locations and a typical implementation has about 12 different servers worldwide, has about 20 different applications and about 70 webservices working together.

Of course, each customer has it's own url's and certificates.

It's not that we can't set our own specifications though: for the certificates we can give them a choise of the supported CA's from which they can choose.
I don't want to limit the choise between VeriSign and GlobalSign either.

Do you know where I can find the most common CA's ?



To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to