Re: (SPAM) Retrieving Root CA certificate using "openssl s_client -showcerts" command

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> On Nov 8, 2016, at 4:26 AM, Erwann Abalea <Erwann.Abalea@xxxxxxxxxxxx> wrote:
> 
> The root certificate is not expected to be sent by the server, as it already needs to be known and trusted by the client.
> However, you’re free to configure your server to send it, for debugging or informational purposes.

A root CA certificate MUST be sent when the server's DANE-TA(2)
TLSA record designates that root as a trust-anchor.

	https://tools.ietf.org/html/rfc7671#section-5.2

-- 
	Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux