tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "robert lazarski" <robertlazar...@gmail.com>
Subject Re: Can APR use verisign certs ?
Date Wed, 10 Jan 2007 15:21:35 GMT
On 1/10/07, Bill Barker <wbarker@wilshire.com> wrote:
>
> In all the gory details, it seems that at the moment the app in question is
> only sending it's own cert back to the browser (instead of the entire
> chain).  However all browsers recognize Verisign's cert as a signer, so they
> don't care.  Older browsers (or JDKs :) will have the expired copy of VS's
> intermediate cert, and so can't validate the cert chain anymore, and so will
> give an error (those of us using Apache Httpd have had this problem for
> awhile now :).  The solution is to force TC to send the newer intermediate
> cert back with the handshake, so the browser/JDK only has to find the root
> VS cert.
>

I think I fixed this via the SSLCertificateChainFile param and the
immediary cert from verisign . So on my tests, ie6 , firefox 1.5 and
firefox 2.0 . Could I please get some independant verification for
this site before I tell my company its working?

https://dpt.alphatheory.com/

Great community here , the help has been greatly appreciated!!!
Robert

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message