Chris Owen wrote:
>
> We've used Stronghold for the past 2 years, but frankly I'd much rather
> use plain old apache-ssl. However, there is the Verisign certificate
> problem.
>
> My question is this: What is the real limitation against doing this? The
> apache-ssl web page says it isn't allowed, but on the Verisign site it
> doesn't really make such claims. I've also checked out the Verisign
> contract and except for some vague language about using "appropriate SSL
> software" it doesn't really say anything about any limits as to what
> software you can use the certificate with.
>
> What happens if you use apache-ssl? Do they revoke your certificate? I'd
> rather stay legal, but I'd really rather use the real deal rather than
> Stronghold.
I've just been investigating stronghold products for this reason. I
asked them to what extent you could alter the code without invalidating
the certificate license (I was interested in altering the code to the
extent that it was exactly the same as apache-ssl). They implied that
so long as you don't touch the ssl libraries you can do what you want.
Mike