tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "robert lazarski" <>
Subject Re: Can APR use verisign certs ?
Date Wed, 10 Jan 2007 15:21:35 GMT
On 1/10/07, Bill Barker <> wrote:
> In all the gory details, it seems that at the moment the app in question is
> only sending it's own cert back to the browser (instead of the entire
> chain).  However all browsers recognize Verisign's cert as a signer, so they
> don't care.  Older browsers (or JDKs :) will have the expired copy of VS's
> intermediate cert, and so can't validate the cert chain anymore, and so will
> give an error (those of us using Apache Httpd have had this problem for
> awhile now :).  The solution is to force TC to send the newer intermediate
> cert back with the handshake, so the browser/JDK only has to find the root
> VS cert.

I think I fixed this via the SSLCertificateChainFile param and the
immediary cert from verisign . So on my tests, ie6 , firefox 1.5 and
firefox 2.0 . Could I please get some independant verification for
this site before I tell my company its working?

Great community here , the help has been greatly appreciated!!!

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message