Buffalo Dickens schrieb:
Dear all, I encountered a strange problem. I generated self-signed certificates and want to test whether they work OK.[EMAIL PROTECTED] openssl verify -verbose -purpose sslclient -CApath /path/to/CA/ /path/to/cert.crt /path/to/cert.crt: /C=US/ST=America/L=CA/O=UC/OU=CS/CN=www.abc.org error 20 at 0 depth lookup:unable to get local issuer certificate [EMAIL PROTECTED] openssl verify -verbose -purpose sslclient -CAfile /path/to/CA/ca.crt /path/to/cert.crt /var/cosign/certs/cosignserver.crt: OK I am not at all familiar with openssl and certificate. Please help me! Any suggestion is welcome!
Quoted from http://www.openssl.org/docs/apps/verify.html: ** -CApath directory** A directory of trusted certificates. The certificates should have names of the form: hash.0 or have symbolic links to them of this form (``hash'' is the hashed certificate subject name: see the *-hash* option of the *x509* utility). Under Unix the *c_rehash* script will automatically create symbolic links to a directory of certificates.I'd assume the names of the certificate files are not according to the requirements of CAparh...
Hope it helps. Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
smime.p7s
Description: S/MIME Cryptographic Signature
