Date: Mon, 29 Sep 2008 12:00:09 -0500 From: CyberLeo Kitsana <cyberleo@cyberleo.net> To: Fraser Tweedale <frase@frase.id.au> Cc: freebsd-questions@freebsd.org Subject: Re: [OT] Apache SSL certificate authentication Message-ID: <48E10999.9070005@cyberleo.net> In-Reply-To: <20080928040152.GA7159@bacardi.frase.id.au> References: <20080928040152.GA7159@bacardi.frase.id.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Fraser Tweedale wrote: > - Create my CA key and a CSR, and have CACert sign it. Are you sure it's signed as an intermediary CA? cacert.org's website suggests they will only sign leaf certificates. http://wiki.cacert.org/wiki/SubRoot Fortunately, your client certs need not be signed by the same CA as your server cert, and it's probably somewhat pointless to have a client cert (which will be used for your infrastructure alone) vetted by a third party. -- Fuzzy love, -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net <CyberLeo@CyberLeo.Net> Furry Peace! - http://wwww.fur.com/peace/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48E10999.9070005>