Ger Hobbelt via RT wrote:
> On Wed, Mar 11, 2009 at 1:49 PM, Vladimir Kotal <[email protected]>
> wrote:
>> Hello,
>>
>> In case the openssl verify command is not able to process input file, it
>> reports the usage even if the usage is perfectly okay:
>>
>> $ openssl verify -CAfile /local/Saved/SMI_SSL_CA-chain.pem cert.cer
>> Error loading file /local/Saved/SMI_SSL_CA-chain.pem
>
> ^^^ that's the error line. (Yes, rather low on content, but this is
> most probably due to OpenSSL not being able to open that file at all.)
>
> Did you check the access rights and if the file exists at that precise
> location?
There is no problem in opening the file at all:
$ truss -f openssl verify -CAfile /local/Saved/SMI_SSL_CA-chain.pem
cert.cer 2>&1 | grep SMI_SSL_CA-chain.pem
26443: open64("/local/Saved/SMI_SSL_CA-chain.pem", O_RDONLY) = 4
Error loading file /local/Saved/SMI_SSL_CA-chain.pem
$
SMI_SSL_CA-chain.pem contains PKCS7 data which can be normally parsed
and displayed via 'openssl pkcs7'. After extracting the certificates
from the file, verify has no problem loading it.
However, I was rather reporting wrong error handling (bad usage should
be reported only in case it is wrong).
v.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
