"Stef Caunter" <[EMAIL PROTECTED]>: > # Still don't know where to put the unix .crt to have it accepted > # by openssl and not generate the lynx2.8dev9 ssl error.
can't you just get the cert from the server? you should be able to use the public-key part of it. the latest openssl-versions have not only cert checking, but also revokation-list checking (CRLs). > # copy the .crt cert to a dir > # for a server.crt file to make it human readable do > openssl asn1parse -in server.crt > # to extract just the pubkey prime number > # search this output for the number associated with BIT STRING > # use it as an arg to -strparse like the next line > openssl asn1parse -in server.crt -strparse 359 this asn-parsing shouldn't be neccessary at all, but for the conversion of keymaterial into PEM format, > # to convert the .crt file to a standard certfile that openssl likes > openssl x509 -inform DER -in server.crt -outform PEM -out new_server.crt ... this is the way to go. have you tried putting the resulting file (which you should suffix .pem, btw) into /usr/local/ssl/certs and rehashing that stuff by using .../ssl/bin/c_rehash? clemens ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
