In the Simple PKI example, step 5.4 "View PKCS#7 bundle", the "-in" option
points to "ca" directory, but the bundle was created in step 4.3 "Create
PKCS#7 bundle" in the "certs" directory". I.e.:
Step 4.3:
openssl crl2pkcs7 -nocrl \
-certfile ca/signing-ca.crt \
-certfile ca/root-ca.crt \
-out certs/signing-ca-chain.p7c \ <---- certs directory
-outform der
Step 5.4:
openssl pkcs7 \
-in ca/signing-ca-chain.p7c \ <---- ca directory
-inform der \
-noout \
-text \
-print_certs
So far though, this has been a helpful tutorial for a noob to PKI. Thanks!
Kevin
On Sun, Apr 21, 2013 at 5:56 AM, Stefan H. Holek <ste...@epy.co.at> wrote:
> Hi All!
>
> I have updated the OpenSSL PKI tutorial at readthedocs. The tutorial takes
> a novel approach without ever referring to openssl.cnf or CA.pl (yuck). You
> can find it here:
>
> https://pki-tutorial.readthedocs.org/
>
> Thanks to everyone who has provided feedback for the first version. I
> heard your call for more verbosity! The first two examples now have much
> more detailed instructions, and I hope that by the third example you won't
> need instructions anymore. ;-)
>
> Cheers,
> Stefan
>
> --
> Stefan H. Holek
> ste...@epy.co.at
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
