On Wed Apr 16 19:37:20 2014, satis...@mportal.com wrote: > Hi , > > When the iOS WiFi Profile is signed using new openSSL 1.0.1 version, > it specifies the certificate chain in reverse order causing the > device not to recognize the certificate chain and show "Not > Verified". However, when we sign using version 0.9.8k, the chain is > included in the correct order and the device is showing the profile > as a "Verified" one , at the time of showing profile installation > prompt. Is there a possibility that we will get a fix in next > version of openssl ? >
I'm not sure what you mean by "correct order". The order of certificates in a PKCS#7 structure should not be considered significant and there is additional information (issuer name and serial number) which should enable a verifier to locate the appropriate signing certificate. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org