Hello,
Please ignore this. Did a very big mistake because was not paying attention to what is actually loaded Seems like symlink created my c_rehash where loaded with success prior to reaching the actual certificate. Again I am sorry, Ionut On Tue, Jan 21, 2014 at 2:36 PM, Putinei .Ionut <putineiio...@gmail.com>wrote: > Hello, > > > Adding some more infor about openssl version used: > > /etc/trusted_certs # openssl version -a > OpenSSL 1.0.1e-fips 11 Feb 2013 > built on: Wed Oct 16 10:54:53 EDT 2013 > platform: linux-generic32 > options: bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) > blowfish(ptr) > compiler: armv7at2vfpneon-target-linux-gnueabi-gcc -fPIC -DOPENSSL_PIC > -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DTERMIO > -Wall -g -Os -fomit-frame-pointer -pipek > OPENSSLDIR: "/usr/lib/ssl" > engines: dynamic > > > Is it something wrong about the way is compiled? > > > Regards, > Ionut > > > On Mon, Jan 20, 2014 at 1:39 PM, Putinei .Ionut <putineiio...@gmail.com>wrote: > >> Hello guys, >> >> >> seen in changelog >> >> The functions X509_STORE_add_cert() now checks for an >> exact match, rather than just subject name. >> >> Can someone please explain me how to debug this and make things work? >> Maybe because certificates are wrong...or using deprecated api? >> >> >> PS: the problem with validate peer on ssl connection was solved by >> setting the clock properly. >> Still need to load the trust chain so I can verify some signed xmls. >> >> Thanks, >> Ionut >> >> >> On Tue, Jan 14, 2014 at 2:52 PM, Putinei .Ionut >> <putineiio...@gmail.com>wrote: >> >>> Hello guys, >>> >>> I do not know if this is a openssl issue or curl/xmlsec. >>> I have certificates for trust chain (x509) that are not loaded by >>> xmlsec and also does not validate peer on ssl connection. >>> >>> The fails in xmlsec report error at openssl function >>> <X509_STORE_add_cert> >>> >>> Run environment is arm. >>> xmlsec library on host (x86) it works it works ----is same version. >>> >>> On host openssl is older.....the default version from ubuntu 12.04 and i >>> have no problems ..neither with errors from xmlsec neither from curl. >>> >>> *certifcates have same md5sum both on host and arm environment. >>> >>> >>> If you know a patch that is must apply please share. >>> >>> Thanks, >>> Ionut >>> >>> >>> >>> >> >
