|
Posted by on April 27, 2005, 3:48 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I'm fairly new to x.509 certificates, etc. Please forgive a novice
question...
I work for a software development organization. We've used a Verisign
x.509 certificate (via keytool and jarsigner) to sign our jars before
they get shipped to customers for a few years. Now we're going to be
shipping a new product enhancement that uses https for security.
It looks like, with https, our customer will need their own x.509
certificate. They can, of course generate their own self-signed
certificate, or get one from Verisign, et al.
I'm wondering if there is a third option. For us to create a
sub-certificate off of our current one.
After digging through keytool and a whole pile of stuff on Google for a
day (and barely scratching the surface), I still have not figured out
the magical step of chaining a x.509 certificate. Keytool refers to
importing a chained certificate from the CA, but nothing about how the
CA creates it.
I suppose, if it were easy, Verisign would quickly go out of business
:{)>
Any suggestions or references would be greatly appreciated.
| 
XML site map