[openssl-users] CA design question?
Walter.H at mathemainzel.info
Sat Dec 5 21:37:43 UTC 2015
On 05.12.2015 20:20, Viktor Dukhovni wrote:
> On Sat, Dec 05, 2015 at 07:55:50PM +0100, Walter H. wrote:
>> my website has an official SSL certificate, which I renewed this year to
>> have a SHA-256 certificate;
>> when I test my site with SSLLabs.com, I'm shows two certificate paths:
>> the first one:
>> my SSL cert (SHA-256) sent by server
>> the intermediate (SHA-256) sent by server (SHA1 Fingerprint:
>> the self-signed (SHA-256) in trust store (SHA1 Fingerprint:
> All this obfuscation is rather pointless (and annoying), please
> just post the certificates.
take these examples
they both have two certificate paths, especially the of sixxs.net would
be interesting if someone can explain,
one path has 3 certs and the other path 4 certs ...
>> now my question how would it be possible to generate a SSL certificate that
>> can be used with two different certificate paths?
> There are two versions of one of the issuer certificates.
the certificate that issued the SSL cert. is the same in both samples above;
only the root CA cert is different, how would I generate such a situation?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4312 bytes
Desc: S/MIME Cryptographic Signature
More information about the openssl-users