Richard Levitte - VMS Whacker via RT wrote:
> I just test, with OpenSSL 0.9.7a-dev (fresh checkout), the command to
> generate a self-signed cerificate according to the example in
> x509.pod:
>
> openssl x509 -in cert.pem -addtrust sslclient \
> -alias "Steve's Class 1 CA" -out trust.pem
>
> I expected it to fail because it wouldn't find those files. However,
> the error was more of an unexpected one:
>
> Invalid trust object value sslclient
>
> And I can't quite blame it, I can't really see where that object would
> find itself into the object database. What am I missing?
I think it's a typo. From 'man x509' :
</snip>
-addtrust arg
adds a trusted certificate use. Any object name can be
used here but currently only clientAuth (SSL client
use), serverAuth (SSL server use) and emailProtection
(S/MIME email) are used. Other OpenSSL applications
may define additional uses.
</snap>
=> I guess the example should be:
"openssl x509 -in cert.pem -addtrust clientAuth \
-alias "Steve's Class 1 CA" -out trust.pem"
Regards,
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
