> ./openssl s_client -connect www.ukweb.com:443 -CAfile cacert.pem
>
> 15929:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not
>01:rsa_pk1.c:119:
> 15929:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
>failed:rsa_eay.c:409:
> 15929:error:0D079006:asn1 encoding routines:ASN1_VERIFY:bad get asn1 object
>call:a_verify.c:111:
I've verified the problem was introduced in the 0.9.1b patch in some of
the new recursion code, and it affects verification of signatures for
quite a number of sites. A quick fix is to undef BN_RECURSION in bn.org.
Mark
Mark J Cox, ......................................... www.awe.com/~mark
Latest news on the Apache Web Server ............... www.apacheweek.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
