Re: creating DH server certificates with NSS

2008-08-07 Thread Nelson B Bolyard
Peter Djalaliev wrote, On 2008-08-07 09:26:
> My company develops an in-line network device that possibly resigns
> certificates of SSL connections with an internal CA.
Oh, a MITM! :-) Is there a web page where we can read more about that product?
> Currently, we do
> not handle the regular

Re: creating DH server certificates with NSS

2008-08-07 Thread Peter Djalaliev
> Um, OK.  Out of curiosity, if you don't mind revealing it, please tell
> us (me) where that requirement comes from.  I ask because I don't know
> of ANY public CA that issues such certs today.  The last CA I knew of
> that did was the US DoD's CA that issued certificates for Fortezza cards.
My

Re: creating DH server certificates with NSS

2008-08-07 Thread Nelson B Bolyard
Peter Djalaliev wrote, On 2008-08-07 07:30:
> Do the NSS APIs allow creating a new Diffie-Hellman SSL server
> certificate?
Yes, I'm pretty sure they do, but I think we have no test programs that will do so easily. I don't recall that certutil supports the generation of certs with DH public ke

creating DH server certificates with NSS

2008-08-07 Thread Peter Djalaliev
Hello, Do the NSS APIs allow creating a new Diffie-Hellman SSL server certificate? From what I understand, we need to generate DH parameters and create an X509 certificate with the DH public key (and params) in the subject public key info. This certificate is then signed by a CA using RSA and DS