Richard Levitte via RT wrote:
What happens is that if serial contains '00' when you sign, the
DB_serial field in index.txt will end up containing '0', not '00'.
The next time you try to sign a certificate, 'openssl ca' will
notice that the DB_serial field has an incorrect length (the
Richard Levitte via RT wrote:
OK, I just haven't seen further communication on this, so I've no
idea what conclusoins you came to. It's very possible that the CA
certificate didn't match the issuer of the certificate you wanted to
verify. Do you have the possibility to send me the
Stephen Henson via RT wrote:
[[EMAIL PROTECTED] - Mon Aug 26 10:33:29 2002]:
I found the solution: I just commented out the lines 675-676 in
apps/ca.c -
now everything works as expected.
Since this just disables the check it isn't a good idea.
It is not disabled - some other
[EMAIL PROTECTED] via RT wrote:
hello Olaf
ich have the same problem with the
openssl bad serial number length
its also with the 2. request with my self -signed ca
but now i have suse 6.4 with 2.2.14
and there ich can't find the file ca.c
is there another way to solve the problem,
OpenSSL self-test report:
OpenSSL version: 0.9.6g
Last change: [In 0.9.6g-engine release:]...
Options: no-idea --prefix=/usr/local --openssldir=/usr/local/ssl
no-threads shared
OS (uname): Linux binky 2.4.19 #1 Fri Aug 9 10:17:44 CEST 2002 i586
unknown
OS (config):
OpenSSL self-test report:
OpenSSL version: 0.9.6g
Last change: [In 0.9.6g-engine release:]...
Options: no-idea --prefix=/usr/local --openssldir=/usr/local/ssl
no-threads shared
OS (uname): Linux binky 2.4.19 #1 Fri Aug 9 10:17:44 CEST 2002 i586
unknown
OS (config):
OpenSSL self-test report:
OpenSSL version: 0.9.6g
Last change: [In 0.9.6g-engine release:]...
Options: no-idea --prefix=/usr/local --openssldir=/usr/local/ssl
no-threads shared
OS (uname): Linux binky 2.4.19 #1 Fri Aug 9 10:17:44 CEST 2002 i586
unknown
OS (config):