Hi,
I wonder if anyone might be able to shed some light on a very strange phenomena we're seeing when we try to generate CSRs.
I can create a key with :openssl genrsa ... and then I creat a certificate signing request with :openssl req -new -key keyfile.key -out csrfile.csr
This goes through the normal questions, and creates the file "csrfile.csr" without any complaints.
When I try to use this csr to generate a self-signed certificate I invariably get "signature did not match the certificate request".
Further investigation leads to the fact that each new repetition of the same csr using the same key always produces a different signature on the csr, on one server, and yet the same key on a different server ALWAYS produces the same CSR (given the same DN and so on of course)
The openssl version 0.9.6i was installed on a Solaris 8 sun machine from a SunFreeware package.
Does anyone know of a bug that we may have, and where it might be?
I intend to uninstall the package, and replace it with newer one, however its on a live production server so downtime is sparse.
Many thanks for any ideas,
Con.
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
