Re: [Fed-Talk] IDTrust certificates
Re: [Fed-Talk] IDTrust certificates
- Subject: Re: [Fed-Talk] IDTrust certificates
- From: Paul Derby <email@hidden>
- Date: Wed, 26 Mar 2008 15:01:43 -0400
So where does one get the "DST Root CA X3" cert that hasn't expired?
I sent a help request to IdenTrust. Don't know when their New Delhi,
India branch will respond.
On Mar 26, 2008, at 2:50 PM, Timothy J Miller wrote:
On Mar 26, 2008, at 1:15 PM, Paul Derby wrote:
We are having trouble getting the root and intermediate
certificates so that Safari and FireFox on OS X are happy with the
server certificate. The IdenTrust web page http://www.identrust.com/support/downloads.html
for root certificate downloads for the TRUSTID certs is out of
date and seems to be worthless for Safari and Firefox users.
DST RootCA X1 is still valid; it's the sub-CA "DST Root CA X3" (why
is this called a root?) and the sub-CA "TrustID CA 1" certs that are
expired.
FWIW, DST RootCA X1 is pre-installed in Tiger, Leopard and Firefox,
so you won't have to distribute root trust. You only need to
distribute the sub-CA certs, but these can be installed in Keychain
Access easily (save as .cer and double click on it) and into Firefox
(import into Authorities under Certificate Manager).
It would be best to spank IdenTrust into updating their freakin' web
page.
-- Tim
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden