On 15-Sep-2017 06:24, Richard Olsen wrote: > When i click on advanced i see > > "host.local.com uses and invalid security certificate. The certificate is > not trusted because the issuer certificate is unknown. The server might not > be sending the appropriate intermediate certficates. An addistional root > certificate may need to be imported. This is what you should expect to see. Your browser is telling you that your self-signed server certificate isn't part of a chain, where the top of the chain is some CA that the browser trusts (because the top-level CA is in a configuration file somewhere). You may be able to import the self-signed server certificate into the browser as a trusted root, but the slightly-better option is to set up your own top-level CA (whose certificate you import into the browser), and then use that CA to create your server and client certificates. It's a bit more work, but also more useful if you ever want to issue certificates for a different server, different client, or issue a new certificate after one expires (and not have to update all the self-signed stuff.) Regards, -- Mersenne Law · www.mersenne.com · +1-503-679-1671 Small Business, Startup & Intellectual Property Law 9600 S.W. Oak Street Suite 500 Tigard, Oregon 97223
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
