On Sun, Jul 02, 2006, snacktime wrote: > > openssl verify -CAfile chain.pem test.cer > test.cer: /CN=test/OU=test/O=test/ST=test/emailAddress=test/C=test > error 20 at 0 depth lookup:unable to get local issuer certificate >
That means it can't find the CA that signed test.csr. That could be because its the wrong CA in "chain.pem" or the names don't match or there is an extension issue. > > So anyways I am at a loss as to how to debug this further. I'd be > happy to post the certificates in question if that helps. > Yes that would help, please post them. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]