From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Salz, Rich
Sent: Tuesday, July 07, 2015 08:36
To: openssl-users@openssl.org
Subject: Re: [openssl-users] SSL_CTX_load_verify_locations only with
CAPath
I thought, as the doc has (always? long?) said, that CApath
Is surprising a better word than sub-optimal?
If you and Dave didn't know about it (nor did I) then it's surprising. And
therefore probably not a good thing. Yes it can be useful. But the openssl
rehash program only read one PEM block per file. So we need to fix one of
those things.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2d and 1.0.1p.
These releases will be made available on 9th July. They will fix a
single
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2d and 1.0.1p.
These releases will be made available on 9th July. They will fix a
single
After downloading the root certificate GlobalSignRootCA.crt and installing it
in the folder with its appropriate hash everything worked fine. Thanks for your
suggestion.
-.wikipedia.org is the end user certificate, right?
-Ursprüngliche Nachricht-
Von: openssl-users
I thought, as the doc has (always? long?) said, that CApath must have each
cert (or CRL) in a separate file. But on checking I see that by_dir.c
actually calls
X509_load_{cert,crl}_file from by_file.c, which for PEM loads all certs (or
crls)
in a file to the working context. Thus a
