Ives Steglich wrote:
looks like the verify chain is date-safe:
General Error. The PKCS#7-object signals an error. The signature is not valid.
PKCS#7-Error 7932039: OpenCA::PKCS7->parseDepth: There is a problem with
the verification of the chain. ( error:10:certificate has expired)
so expired certificates are detected - fine
no changes necessary for this release for this topic - i think ,o)
This is not correct. The errormessage is taken from the OpenSSL library. It looks like DBM based databases return expired certs as valid ones.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
