Hi Steve, You're correct: it's just an issue of the new hash form. My apologies; I thought I'd checked the hash output, but I must've gotten mixed up. It works fine with the proper hash-links in place.
Kevin >________________________________ > From: Stephen Henson via RT <[email protected]> >To: [email protected] >Cc: [email protected] >Sent: Tuesday, January 31, 2012 2:39 PM >Subject: [openssl.org #2700] BUG: v1.0.0 / openssl verify no longer works with >-CApath > >> [[email protected] - Tue Jan 31 18:45:29 2012]: >> >> Hi, >> This is a bug report against v1.0.0: openssl verify no longer works >> with -CApath. `cat'ing the contents of -CApath into a file and using >> -CAfile does still work: >> >> With a properly configured CApath: >> >> $ ls ./trust_root/ >> DoD_Root_CA_2.pem >> DOD_Bundle.pem >> DOD-Email-CA-24.pem.cer >> ffb07f59.0 -> DOD-Email-CA-24.pem.cer >> f445e798.0 -> DoD_Root_CA_2.pem >> > >Have you tried rebuilding the links using OpenSSL 1.0.0 or later? The >link algorithm changed from 0.9.8->1.0.0. > >Steve. >-- >Dr Stephen N. Henson. OpenSSL project core developer. >Commercial tech support now available see: http://www.openssl.org > > > >
