[openssl-users] How can I set up a bundle of commercial root CA certificates? (FAQ 16)

Ben Humpert ben at an3k.de
Sun Dec 13 21:55:08 UTC 2015


2015-12-13 20:27 GMT+01:00 Viktor Dukhovni <openssl-users at dukhovni.org>:
>
> This is both wrong and irrelevant.  The OP should proceed as instructed.
> OpenSSL's CAfile feature reads multiple certificates from a single file.

Exactly that is the point. Only "linux based" tools will be able to
read such a pem file. Windows certificate tools are not able to do so.
And we don't know on which client OP will have to use that pem file,
thus give advise that works on all clients, not just OpenSSL or GnuTLS
or whatever.


More information about the openssl-users mailing list