[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Why is HTTPS working? Server cert signed by GoDaddy, but they arenot listed as a CA in my certificate store....
- From: "Ian Patterson" <ian@xxxxxxxxxxxxxxxxx>
- To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
- Subject: RE: Why is HTTPS working? Server cert signed by GoDaddy, but they arenot listed as a CA in my certificate store....
- Date: Fri, 11 May 2012 16:34:02 +0100
Not sure whether I am adding anything to this thread, but..
The cert below is an SSL certificate issued to *mercurygate.net
The Certification path is
(CA Root level) Go Daddy Class 2 Certification Authority
(Intermediate level) Go Daddy Secure Certification Authority
(End cert) *mercurygate.net
In my implementations of HTTP at OS400 versions 5.4 and below, CA's do not
seem to be checked.
Regards
Ian Patterson
Grange IT Limited
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx]On Behalf Of Charles Wilt
Sent: 11 May 2012 16:03
To: HTTPAPI and FTPAPI Projects
Subject: Re: Why is HTTPS working? Server cert signed by GoDaddy, but
they arenot listed as a CA in my certificate store....
I considered that...
But when looking at the certs, I don't see any reference to any other
signer...
Here's the cert, as dumped by HTTPAPI...if anybody with more expertise
wants to look...
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIHJ8oGt9+S4zANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
ODcwHhcNMTIwMjAxMTYyOTIyWhcNMTQwMzAxMTg0OTQ4WjBbMRowGAYDVQQKDBEq
Lm1lcmN1cnlnYXRlLm5ldDEhMB8GA1UECwwYRG9tYWluIENvbnRyb2wgVmFsaWRh
dGVkMRowGAYDVQQDDBEqLm1lcmN1cnlnYXRlLm5ldDCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMHbuWX9qJMPBHyMBQMoLgmai9eUcuIAmL+3EAyx8z4a
lhptpQDy/iUD+V6/U33W5x9htdXNm0HiRXw36DXZ6x14S67mmq2gV8QmvJPzerbH
vdwEyPH7LkTytIjbXaXC6zdTpGSZ3/h6SI8Qhbhy+9uuk8ulKIFscwzf9Zfx9Zv4
b4j0Yhtdee1EbLi1TJ4w1Q+LD1iiIsFOdLnVoYcOG4lNVy62lz56rjt+wCjJhO+Y
rhlVB84s1ku8mRwRm+c9lsiJG3icXP5pxgeWlfLfEG6dnGZwN3jeauvFQNaDBo7y
7wA4s3xQmwaHUCYgiRKZNhdpL1E2rb5kET3ndTLBJ+ECAwEAAaOCAcAwggG8MA8G
A1UdEwEB/wQFMAMBAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4G
A1UdDwEB/wQEAwIFoDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdvZGFk
ZHkuY29tL2dkczEtNjMuY3JsMFMGA1UdIARMMEowSAYLYIZIAYb9bQEHFwEwOTA3
BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBv
c2l0b3J5LzCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
cC5nb2RhZGR5LmNvbS8wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZXJ0aWZpY2F0ZXMu
Z29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZF9pbnRlcm1lZGlhdGUuY3J0MB8GA1Ud
IwQYMBaAFP2sYTKTbEXW4u6FX5q653aZaMznMC0GA1UdEQQmMCSCESoubWVyY3Vy
eWdhdGUubmV0gg9tZXJjdXJ5Z2F0ZS5uZXQwHQYDVR0OBBYEFDejSbwkyrDvpSLv
dbDHt+kwgBCxMA0GCSqGSIb3DQEBBQUAA4IBAQAQLW9sIWex0ITpu1Exm2Rmp+Jp
89q2URFga6fQrf+O79A4h54srgiZiGEIxpYhBIGMOusTnvnVU6ag/OoInapG7oaP
zXBrs5bvUw5T7QzG6LsIpKIpiTDatNcAQncUOyRtBecWjqUEMw7rc5SrAjom3KY3
r5CHfRCeYv1sOy/nDoZkcQViJc4gcPr/5Q/XtwOcCgjLzGNy27iukbSNsqtleXRu
rN/wNNmamZcOHCfHTaYfvqgdBlPxPqlcBItvHdxCy4OHFcv9c4nkBDzXJotFMhhs
dVU/twusscWc2b7AHTke+Xlxn8akKxg9/8ix0y3nSOVEGthk4aiYnO9R+QIz
-----END CERTIFICATE-----
Charles
--
On Fri, May 11, 2012 at 9:02 AM, Mike Wills <mike@xxxxxxxxxxxx> wrote:
> I think they are underwritten (is that the right terminology?) by
> another certificate provider.
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------