Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Sep 2008 12:00:09 -0500
From:      CyberLeo Kitsana <cyberleo@cyberleo.net>
To:        Fraser Tweedale <frase@frase.id.au>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: [OT] Apache SSL certificate authentication
Message-ID:  <48E10999.9070005@cyberleo.net>
In-Reply-To: <20080928040152.GA7159@bacardi.frase.id.au>
References:  <20080928040152.GA7159@bacardi.frase.id.au>

next in thread | previous in thread | raw e-mail | index | archive | help
Fraser Tweedale wrote:
> - Create my CA key and a CSR, and have CACert sign it.

Are you sure it's signed as an intermediary CA? cacert.org's website
suggests they will only sign leaf certificates.
http://wiki.cacert.org/wiki/SubRoot

Fortunately, your client certs need not be signed by the same CA as your
server cert, and it's probably somewhat pointless to have a client cert
(which will be used for your infrastructure alone) vetted by a third party.

-- 
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net
<CyberLeo@CyberLeo.Net>

Furry Peace! - http://wwww.fur.com/peace/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48E10999.9070005>