CA guidance

[Andrew <as...@ezan.ac.ru>]

 Hi, I'm using jdk1.4 final and I want to use SSL with Tomcat for
CLIENT-CERT authentification.
I've created self-signed certificate by keytool but how I can issue
certificates for my company based on this(without third party CA)?

Thanks in advice.




--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>

Re: CA guidance

[Chuck Amadi <ch...@breconbeacons.org>]

Andrew wrote:

> Hi, I'm using jdk1.4 final and I want to use SSL with Tomcat for
>CLIENT-CERT authentification.
>I've created self-signed certificate by keytool but how I can issue
>certificates for my company based on this(without third party CA)?
>
>Thanks in advice.
>
>
>
>
>--
>To unsubscribe:   <ma...@jakarta.apache.org>
>For additional commands: <ma...@jakarta.apache.org>
>Troubles with the list: <ma...@jakarta.apache.org>
>
Sorry i was under the impression That the administer of the server 
registers with the CA and pays a fee .(Yep a Fee) Thus the CA checks out 
the server, and then grants it a cert with an expiry date that can be 
used for authentication.
The trusted Certification Authority is the third party who  issue the 
digital certs.

So i am lead to believe you can for production and development purposes 
but we do not have CA - issued certs that are trusted by other servers 
to handshake with clients.

As you can see why should i trust you as a CA. thus ensuring  who you 
claims to be is governed by a TRUSTED CA.


I hope this helped as i am currently working on this in our organisation.

Cheers Chuck Amadi
System Programmers



--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>