WebApp Sec mailing list archives
RE: Open Source Certificate authority
From: "Law, Gary, (FNB)" <LawG () fnb co uk>
Date: Wed, 24 Sep 2003 08:50:29 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-----Original Message----- From: Jared Ingersoll [mailto:jared () cswv com] 1. Is there an app that anyone is familiar with that will duplicate Verisign's Certificate Authority in a way that would eliminate any type of warning. (It seems like apache and openssl are out). supply certificates that would not present any warning message?
For testing, instantssl / comodo do a free trial certificate for (I think) 28 days suitable for use on web servers. This requires no client configuration / installation of extra trusted root certificates. You'll need to register with them. You should really test with a self-signed certificate, and an expired one too; if the client isn't a browser this will help you understand what its behaviour will be in these conditions. Gary Gary Law Technical Analyst - Unix, Infrastructure Development, First National Bank (UK) -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQA/AwUBP3FM7VB233AXMNP7EQJ4YgCgnGoGAaZHj8k6Dvf1UgYR/ffoPfgAnA0/ V/N7MsiYYzeQwPWShjBRfdNv =q/M8 -----END PGP SIGNATURE-----
Current thread:
- Re: Open Source Certificate authority, (continued)
- Re: Open Source Certificate authority Chackan Lai (Sep 23)
- Re: Open Source Certificate authority Keith W. McCammon (Sep 24)
- RE: Open Source Certificate authority Dave Ockwell-Jenner (Sep 24)
- Re: Open Source Certificate authority Dorian Moore (Sep 24)
- RE: Open Source Certificate authority TUER, DON (Sep 24)
- RE: Open Source Certificate authority Lapinski, Michael (Research) (Sep 23)
- RE: Open Source Certificate authority Tenorio, Leandro (Sep 23)
- RE: Open Source Certificate authority Chip Kelly (Sep 24)
- RE: Open Source Certificate authority Lapinski, Michael (Research) (Sep 24)
- RE: Open Source Certificate authority Jared Ingersoll (Sep 24)
- RE: Open Source Certificate authority Law, Gary, (FNB) (Sep 24)
- RE: Open Source Certificate authority Jared Ingersoll (Sep 24)
- Re: Open Source Certificate authority George W. Capehart (Sep 24)