2011/11/7 John Downey <jdowney / gmail.com>:
> One thing to note is that the github.com cert you've provided isn't directly
> signed by a root CA. It is signed by an intermediate CA: DigiCert High
> Assurance EV CA-1 (attached). That cert is is in turn signed by DigiCert
> High Assurance EV Root CA. When I run the attached cert through your codeI
> find it is valid.

Thanks John. But then I don't fully understand how to make it work. I
expect that browsers use the list of root CA as provided in
http://curl.haxx.se/ca/cacert.pem, am I wrong? or do the browsers also
have another list of intermediate CAs?


-- 
Iaki Baz Castillo
<ibc / aliax.net>