On Fri, Feb 10, 2006, Kyle Hamilton wrote:
> I haven't checked the archives, but if I'm not mistaken, it's because
> it's (presumably) the rootCA that is the original trusted authority
> (the 'trust anchor'), and thus the authorityKeyIdentifier is the
> anchor rather than the CA that derives its t
I haven't checked the archives, but if I'm not mistaken, it's because
it's (presumably) the rootCA that is the original trusted authority
(the 'trust anchor'), and thus the authorityKeyIdentifier is the
anchor rather than the CA that derives its trust from the anchor?
(Also: if the question has be
On Fri, Feb 10, 2006, Tim Bond via RT wrote:
>
> I am doing some interop testing with a toolkit that performs PKIX
> certificate verification and it is having a problem validating a chain I
> built with OpenSSL. What appears to be happening is that when 'ca' copies
> in the authority key informa
Hello,
I am doing some interop testing with a toolkit that performs PKIX
certificate verification and it is having a problem validating a chain I
built with OpenSSL. What appears to be happening is that when 'ca' copies
in the authority key information into the client certificate, it is pulling
OpenSSL self-test report:
OpenSSL version: 0.9.8a
Last change: Remove the functionality of
SSL_OP_MSIE_SSLV2_RSA_PADDI...
Options: --prefix=/usr/local no-asm no-gmp no-krb5 no-mdc2 no-
rc5 no-shared no-zlib no-zlib-dynamic
OS (uname): SunOS caliban 5.9 Generic_118558-21 sun4
attached you can find the 'make report' output from one of my
Solaris9 maschines.
I used the SunStudio11 compiler on Solaris9 (SUN Fire V890)
Is there any fix available for this problem ?
thanks in advance !
regards,
Steffen
--
Steffen Unger <[EMAIL PROTECTED]>
__
On Fri, Feb 10, 2006, Kyle Hamilton wrote:
> (the 'non-security-policy-compliant' part comes from the extra
> parameter to ./config -- I can't touch the OpenSSL build that's
> already in the system directories, and the security policy states that
> no other parameters can be passed to ./config. [
I have a slightly non-standard (and non-security-policy-compliant)
FIPS mode setup, generated with:
cvs -d/home/kyle/openssl/repository co -rOpenSSL_FIPS_1_0 \
-d /home/kyle/openssl/work openssl
./config fips --prefix=/home/kyle
make
make test
make install
(the 'non-security-policy-compliant' part