I have a question regarding the chained certificates, and perhaps an issue to report.
I have 3 files in total, the server certificate, the server key, and the certificate authority certificate. Apache has a setting named "SSLCertificateChainFile" that allows to specify a path to the CA certificate, but lshttpd allows only to set the "Chained Certificate" to Yes. The question is, how lshttpd manages to chain the certificates, without the path to the chain certificate?
Now the issue, is related to the question I believe. Sometimes, I'm getting a warning "The certificate is expired or not valid yet", and when I'm checking in the "certification path", I can see that the middle certificate (there are 3), is noted by an X. When I view his details, I can see that it is valud from 1997-2004 - a year ago. A refresh of the page resolves the matter, but it eventually repeats.
I'm using LSHTTP 2.1RC2, and Verisign SSL certificates.