> [rainer-open...@7val.com - Tue Apr 06 16:56:50 2010]: > > A clean build of openssl-1.0.0 (./config run without parameters) does > not > use the hashed certificate files from -CApath and fails certificate > verification. The same behavior is seen when using openssl via the > openssl > s_client command as well as the library with curl 7.20.0. The system > used here is debian lenny (5.0.4) without any openssl development > packages installed. gcc 4.3.2-1.1 and 4.2.4-6 have been tested with > identical results. make tests runs successfully: >
Please try rehashing the directories using the 1.0.0 version of OpenSSL. The certificate file hash algorithm changed in OpenSSL 1.0.0 and is not compatible with 0.9.8: this was needed to support some additional functionality. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org