I've added a workaround to the OpenSSL 1.0.2 and master branches: if you use
-nocerts and -certfile you can control the order of certificates in the PKCS#7
structure.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Hi ,
Do you have any update on this?
Thanks
SatishKumaar
-Original Message-
From: Satish Kamavaram
Sent: Friday, April 18, 2014 12:29 PM
To: 'r...@openssl.org'
Cc: openssl-dev@openssl.org; Retheesh Ravi
Subject: RE: [openssl.org #3316] Wrong trust chain with new version of openssl
: Wednesday, April 16, 2014 11:44 PM
To: Satish Kamavaram
Cc: openssl-dev@openssl.org
Subject: [openssl.org #3316] Wrong trust chain with new version of openssl
On Wed Apr 16 19:37:20 2014, satis...@mportal.com wrote:
Hi ,
When the iOS WiFi Profile is signed using new openSSL 1.0.1 version
To: Satish Kamavaram
Cc: openssl-dev@openssl.org
Subject: [openssl.org #3316] Wrong trust chain with new version of openssl
On Wed Apr 16 19:37:20 2014, satis...@mportal.com wrote:
Hi ,
When the iOS WiFi Profile is signed using new openSSL 1.0.1 version,
it specifies the certificate chain in reverse
Hi ,
When the iOS WiFi Profile is signed using new openSSL 1.0.1 version, it
specifies the certificate chain in reverse order causing the device not to
recognize the certificate chain and show Not Verified. However, when we sign
using version 0.9.8k, the chain is included in the correct order
On Wed Apr 16 19:37:20 2014, satis...@mportal.com wrote:
Hi ,
When the iOS WiFi Profile is signed using new openSSL 1.0.1 version,
it specifies the certificate chain in reverse order causing the
device not to recognize the certificate chain and show Not
Verified. However, when we sign using
