Chaining x.509 certificates
wdtj_at_yahoo.com
Date: 04/28/05
- Next message: madman91_at_gmail.com: "Re: NTFS Encryption"
- Previous message: wdtj_at_yahoo.com: "Chaining x.509 certificates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Apr 2005 15:48:48 -0700
I'm fairly new to x.509 certificates, etc. Please forgive a novice
question...
I work for a software development organization. We've used a Verisign
x.509 certificate (via keytool and jarsigner) to sign our jars before
they get shipped to customers for a few years. Now we're going to be
shipping a new product enhancement that uses https for security.
It looks like, with https, our customer will need their own x.509
certificate. They can, of course generate their own self-signed
certificate, or get one from Verisign, et al.
I'm wondering if there is a third option. For us to create a
sub-certificate off of our current one.
After digging through keytool and a whole pile of stuff on Google for a
day (and barely scratching the surface), I still have not figured out
the magical step of chaining a x.509 certificate. Keytool refers to
importing a chained certificate from the CA, but nothing about how the
CA creates it.
I suppose, if it were easy, Verisign would quickly go out of business
:{)>
Any suggestions or references would be greatly appreciated.
- Next message: madman91_at_gmail.com: "Re: NTFS Encryption"
- Previous message: wdtj_at_yahoo.com: "Chaining x.509 certificates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
