On Mon Jan 19 14:40:32 2015, steve wrote: > > The problem is that the two fields containing the signature algorithm > do not match. >
The current 'x509' utility can't show this difference (I have an option I'm testing which will). It is possible to use the cms command diagnostic output though: openssl crl2pkcs7 -nocrl -certfile RabbitMQ_Test.pem | openssl cms -cmsout -print -inform PEM ... signature: algorithm: sha256WithRSAEncryption (1.2.840.113549.1.1.11) parameter: <ABSENT> ... sig_alg: algorithm: sha256WithRSAEncryption (1.2.840.113549.1.1.11) parameter: NULL [sig_alg is the name of the field used internally by OpenSSL to store the signatureAlgorithm field] Whereas another case (e.g. test apps/server.pem) shows: signature: algorithm: sha1WithRSAEncryption (1.2.840.113549.1.1.5) parameter: NULL sig_alg: algorithm: sha1WithRSAEncryption (1.2.840.113549.1.1.5) parameter: NULL Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
