On Wed, 17 Dec 2003, Jan Legenhausen wrote:
> We tried this first, but found that this only works if you do not use
> "unchained" certs on other ports with the same squid. Which we do. Which we
> found out a bit too late... ;-)
Odd.. seem to remember this working fine when testing the implementation.
Maybe your OpenSSL is broken?
It should be noted that the chain is added to the OpenSSL certificate
store, and if I remember correcly OpenSSL will automatically rebuild the
chains on other certificates issued by the same signer.
I don't have any chained certs at the moment to test with and not in a
mood to set up my own CA chain to create such certificates..
Regards
Henrik
Received on Wed Dec 17 2003 - 13:01:29 MST
This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:16 MST