Automatic configuration of CA browser list

To: apache-ssl@lists.aldigital.co.uk
Subject: Automatic configuration of CA browser list
From: "Thomas A. Fine" <fine@hawkmoth.net.ohio-state.edu>
Date: Fri, 8 May 1998 19:58:46 GMT
Delivered-To: mailing list apache-ssl@lists.aldigital.co.uk
Mailing-List: contact apache-ssl-help@lists.aldigital.co.uk; run by ezmlm
Organization: http://www.apache-ssl.org
Reply-To: apache-ssl@lists.aldigital.co.uk

I'm trying to set up an internal-use certificate authority for Ohio State U.

I was under the strong impression that when a browser connects to a server
with a certificate signed by an unknown CA, that it would give you the
option of accepting either the site certificate, or the new CA.

I even believe that I have seen netscape ask me this before.  And the
SSL FAQ says something along these lines also (section 9.2, under the
"Note:").

As configured so far, netscape asks if I want to accept the site certificate,
but makes no mention of the certificate authority (other than saying it
is unknown).

I can't tell if apache-ssl supports this (seems like it should be in
the SSL layer so it should), and if it does, how to configure things so
that it will work.  Has anyone done this?

        tom

Follow-Ups:
- Re: [apache-ssl] Automatic configuration of CA browser list
  - From: Adam Laurie <adam@algroup.co.uk>
- Re: [apache-ssl] Automatic configuration of CA browser list
  - From: "Thomas A. Fine" <fine@hawkmoth.net.ohio-state.edu>

Prev by Date: Re: [apache-ssl] seg-fault
Next by Date: Re: [apache-ssl] Automatic configuration of CA browser list
Prev by thread: Re: [apache-ssl] seg-fault
Next by thread: Re: [apache-ssl] Automatic configuration of CA browser list
Index(es):
- Date
- Thread