Hi,
Thanks for reply.
Yes, it is verign certificate. Even though version info NULL
(X509->cert_info->version == NULL), the certifiate verified as valid, the
hash creation is equal to the hash in the certificate. I observed, for some
X509 V1 certificate the version field is NULL, and for some it is not NULL.
Here Iam attacheing 2 certificates in PEM format. For the cert
"test_root4.pem" the version fiels is NULL and for the cert "test_root5.pem"
version field is not NULL.
But both the certificates verified valid while debugging.
I couldn't guess why verison info NULL for some certs?
Thanks,
Madhu
On 9/1/08, Erwann ABALEA <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> Hodie Kal. Sep. MMVIII est, Madhusudhan reddy scripsit:
> > Thanks for the reply. What i mean here is while loading
> X509
> > V1 certificate using the API "PEM_read_bio_X509_AUX(), the verisn
> filed
> > itself is null, not the value. Pls check the attached .jpg for the
> screen
> > shot.
>
> The version field is defined as:
> version [0] EXPLICIT Version DEFAULT v1
>
> The Version type is defined as:
> Version ::= INTEGER { v1(0), v2(1), v3(2) }
>
> DEFAULT implies OPTIONAL, and if this field is absent, then it has to
> be considered a version 1 certificate.
>
> I saved your certificate (a VeriSign one, it seems) to a file, and
> checked its signature:
> openssl verify -CAfile rootv1.pem rootv1.pem
> which replied "Ok".
> Do you have a better example of a "bad" certificate?
>
> --
> Erwann ABALEA <[EMAIL PROTECTED]>
> -----
> I can't be stupid, I completed third grade!
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [email protected]
> Automated List Manager [EMAIL PROTECTED]
>
test_root4.pem
Description: Binary data
test_root5.pem
Description: Binary data
