I checked the parameters of your 4008 bits key and it is indeed invalid (q is not prime). How did you generate it? It would be surprising if it was done through OpenSSL.
Anyway, you must generate a new RSA key.


On 8/7/2010 1:21 PM, Georgi Guninski wrote:
openssl-1.0.0a on ubuntu, debian and arch.
attached a private key and a cert.

~/local/bin/openssl s_server -www -accept 8888 -cert /tmp/CA.cert  -key 

~/local/bin/openssl s_client -connect localhost:8888

depth=0 CN = CA
verify return:1
*** glibc detected *** /home/build/local/bin/openssl: double free or corruption 
(fasttop): 0x0000000000979300 ***

  ~/local/bin/openssl rsa -check -in /tmp/CA.key |more
writing RSA key
RSA key error: q not prime # definitely

OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to