I've downloaded openssl-SNAP-20031031 and successfully installed it on a Redhat 9 system.
I can successfully generate and self-sign RSA certificates. When I transfer the certificates to a Win2k system, I can open the certificate and the properties indicate that it is a valid certificate. However, for all ECC generated certificates, it's a different story. For all certificates I've generated and the ones generated by /openssl-SNAP-20031031/demos/ssltest-ecc/ECCcertgen.sh show up as invalid in Win2k. The 'General' tab for the certificate reads "The integrity of this certificate cannot be guaranteed. The certificate may be corrupted or may have been altered.". The 'Certificate status' on the 'Certification Path' tab, reads "This certificate has an nonvalid digital signature." What does this mean and how can I fix it? I am executing the following to generate the certificate: openssl ecparam -name sect163k1 -genkey -out ecc1.pem openssl ec -in ecc1.pem -des3 -out ecc1.key openssl req -new -x509 -days 365 -key ecc1.key -out ecc1.crt Any help would be appreciated. Nabil. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
