[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev more on SSL certificates
|
From: |
Doug Kaufman |
|
Subject: |
Re: lynx-dev more on SSL certificates |
|
Date: |
Wed, 17 Sep 2003 00:50:53 -0700 (PDT) |
On Wed, 17 Sep 2003, Henry Nelson wrote:
> To answer my own question about test sites, I found the appended two
> in the lynx-dev archives that seem to work well. To get to the final
> page, however, I had to answer (y)es to the "SSL error: ... Continue?"
> warnings listed after the sites. I'm fairly sure that cert.pem file
> was made correctly and is in the right place. How would I go about,
> say, updating the expired fortify certificate, or obtaining the
> liii local issuer certificate? I re-read a Dec 2002 post by Clemens
Both of these are expired, so it won't do much good to try to verify
good certificates here. The liii certificate is a certificate for
"www.ggn.com" signed by Gillette Global Network, which expired February
17, 2001. You can see the certificate that they are presenting by using
the openssl s_client mode to connect. The problem isn't with your
cert.pem; it is with the expired certificates at those sites. Even the
openssl.org certificate expired last month.
Sorry I don't have any good test sites for you.
Doug
--
Doug Kaufman
Internet: address@hidden
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden