Ger Hobbelt via RT wrote:
On Wed, Mar 11, 2009 at 1:49 PM, Vladimir Kotal <[email protected]> wrote:
Hello,
In case the openssl verify command is not able to process input file, it
reports the usage even if the usage is perfectly okay:
$ openssl verify -CAfile /local/Saved/SMI_SSL_CA-chain.pem cert.cer
Error loading file /local/Saved/SMI_SSL_CA-chain.pem
^^^ that's the error line. (Yes, rather low on content, but this is
most probably due to OpenSSL not being able to open that file at all.)
Did you check the access rights and if the file exists at that precise location?
There is no problem in opening the file at all:
$ truss -f openssl verify -CAfile /local/Saved/SMI_SSL_CA-chain.pem
cert.cer 2>&1 | grep SMI_SSL_CA-chain.pem
26443: open64("/local/Saved/SMI_SSL_CA-chain.pem", O_RDONLY) = 4
Error loading file /local/Saved/SMI_SSL_CA-chain.pem
$
SMI_SSL_CA-chain.pem contains PKCS7 data which can be normally parsed
and displayed via 'openssl pkcs7'. After extracting the certificates
from the file, verify has no problem loading it.
However, I was rather reporting wrong error handling (bad usage should
be reported only in case it is wrong).
v.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
