openssl-1.0.0a on ubuntu, debian and arch.
attached a private key and a cert.
~/local/bin/openssl s_server -www -accept -cert /tmp/CA.cert -key
/tmp/CA.key
~/local/bin/openssl s_client -connect localhost:
depth=0 CN = CA
verify return:1
*** glibc detected ***
I was asked this morning where to find the X.509 specification, since
http://itu.int/ is such a messy website.
I'll point you to the general location, because it's a better piece of information to
have than the exact location. (There are other recommendations that X.509 refers to, and
being
Hi,
I checked the parameters of your 4008 bits key and it is indeed invalid
(q is not prime).
How did you generate it? It would be surprising if it was done through
OpenSSL.
Anyway, you must generate a new RSA key.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/7/2010 1:21 PM, Georgi
On Sun, Aug 08, 2010 at 02:46:33AM +0200, Mounir IDRASSI wrote:
Hi,
hi,
10x for your reply.
i have no complaints about the openssl key generation process for rsa
keys of this size. and don't expect vanilla openssl to do correct math
with this key.
I checked the parameters of your 4008