Derving the root CA's cert from a given SSL cert
Locked
Derving the root CA's cert from a given SSL cert
 
|
Re: Derving the root CA's cert from a given SSL cert
|
|
No (with qualifications). If the server sends you the entire
certificate chain, then yes you can retrieve the root certificate since it was sent to you. If the server only sends you it's certificate, then all you have is the server's pubic key digitally signed by the issuer. The issuer's certificate is not embedded within. On Jun 1, 2005, at 11:01 AM, Davy Durham wrote: > Hi, > I was wondering if it's possible to derive (or extract?) the root > CA's cert from an given SSL cert using openssl. > > What I mean by "root CA's cert" is the certficate that would be > installed in a browsers list of trusted CAs. > > For instance if I have an SSL certificate signed by verisign, I > would like to get verisign's certificate out of that cert that > would have to be in the browser's trusted list (for it to be trust). > > > Is this possible? > > Thanks, > Davy > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [hidden email] > Automated List Manager [hidden email] > |
smime.p7s (3K) | Free forum by Nabble | Edit this page |