In message <00a101c29bb4$e832ff30$2102000a@downtown> on Wed, 4 Dec 2002 11:47:59
-0500, "Chad Morland" <[EMAIL PROTECTED]> said:
chad.morland> [11:45am]# openssl verify server.crt
chad.morland> server.crt: unable to load certificate file
chad.morland> 18589:error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an
chad.morland> asn1
chad.morland> sequence:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/as
chad.morland> n1/x_cinf.c:106:address=134852610 offset=0
chad.morland> 18589:error:0D09F004:asn1 encoding routines:d2i_X509:nested asn1
chad.morland> error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/
chad.morland> x_x509.c:103:address=134852608 offset=2
chad.morland> 18589:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1
chad.morland> lib:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem
chad.morland> _lib.c:291:
The certificate is wrapped in a PKCS#7 structure. You can easily see
that if you do 'openssl asn1parse -in server.crt -i'. So, what you
need to do is to extract the certificate, like this:
openssl pkcs7 -in server.crt -print_certs -out server.pem
Then you can verify it:
openssl verify server.pem
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
