HTTPS and Root.pem...

Mark Waddingham 36degrees at runrev.com
Sun Jun 5 16:58:36 EDT 2005


Hi Andre,

[ Thought I posted this yesterday but it must have been from a non-list
friendly email-address... ]

Have you tried the Thawte Root Certificate (of the appropriate hue)?

http://www.thawte.com/roots/

Every Certificate Authority (CA) has a different root certificate that
is needed locally for interaction with an HTTPS which has that authority
as it's root authority.

Any certificate that has been issued actually represents a chain of
trust: the issued certificate is signed by some trusted entity which
then has its certificate signed by another trusted entity etc. etc.
right up til something gets signed by a Certificate Authority.

Roughly, the SSL library will request certificates in turn for each step
in the chain, verifying as it goes. However, when it gets to the end of
the chain it has no-one to ask to verify the final (CA) certificate and
so it must verify it against a local copy.

Warmest Regards,

Mark.

------------------------------------------------------------------
 Mark Waddingham ~ 36degrees at runrev.com ~ http://www.runrev.com
       Runtime Revolution ~ User-Centric Development Tools



More information about the use-livecode mailing list