(Forwarded to openssl-users)
The subjectName of file4.pem matches the issuerName of file3.pem, the
signature block in file3.pem, when verified with the public key of
file4.pem, gives a correct signature for the tbsCertificate of file3.pem.
But Openssl also (incorrectly, IMO) checks that file4.pem.SKI matches
file3.pem.AKI, and refuses to go further (here, AKI doesn't match SKI).
--
Erwann ABALEA
Le 03/04/2015 03:10, Yuting Chen a écrit :
I used OpenSSL to verify a certificate file (file3.pem) against
another certificate file (file4.pem). OpenSSL reports that it cannot
find the issuer of the cert in file3.pem; while when I displays
file3.pem and file4.pem, it appears that the issuer of the cert in
file3.pem is the same as the subject of the cert in file4.pem. Did I
miss anything?
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users