[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Looking for a simple SSL-CA package

On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote:

> On Fri, Aug 22, 2003 at 01:04:54PM -0400, Matt Zimmerman wrote:
> > On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote:
> > 
> > > I'm no expert on handling certificates and I hope not having to learn 
> > > all the commandline switches of openssl by heart. However, I do need a 
> > > simple setup of a CA that I may use for creating selfsigned 
> > > certificates, webpages that clients may use to import the certificates 
> > > and also a way to organize certificare revocationlists etc.
> > 
> > You don't need a CA to create self-signed certificates (by definition there
> > is no CA involved if the certificate is self-signed).
> 
> Perhaps I just misinterpret the terminology, but I've had the
> impression that every certificate should be signed, so should the
> root of the tree too.  Since they sit at the top of the hierarchy
> they must be self signed.  Am I missing something?

It doesn't sound like you're missing something, except insofar as you seem
to think that what you said conflicts somehow with what I said.

-- 
 - mdz
Reply to: