Verify x509 certificate

2008-08-01 Thread Francesco la Torre
/calist.pem cert.pem The output is : cert.pem: OK Does anybody know where is the problem ? Thanks in advance, Francesco la Torre __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: Verify x509 certificate

2008-08-01 Thread .:: Francesco la Torre ::.
Any help from someone ? :-) Flt Il giorno mer, 30/07/2008 alle 23.57 +0200, Francesco la Torre ha scritto: Dear all, I'm new in openssl api and I'm trying to write e simple application to verify an x509 certificate but I'm facing with some strange problem. Here there is a snapshot of my

Re: Verify x509 certificate

2008-08-01 Thread .:: Francesco la Torre ::.
are using because some may replace spaces with their owns ( eg CRLF - CR or LF ) in the root_cert_data declaration, and that might spoil the signature. I'll check also this :-) Cheers. Thank you very much ! Flt - Original Message From: .:: Francesco la Torre ::. [EMAIL PROTECTED

Re: Verify x509 certificate

2008-08-01 Thread .:: Francesco la Torre ::.
X509_STORE_set_verify_cb_func(ca_ctx,cb); but the result is always the same : Verification error: certificate signature failure where are my mistakes ? Thanks Flt On ven, 2008-08-01 at 23:58 +0200, .:: Francesco la Torre ::. wrote: On ven, 2008-08-01 at 11:21 -0700, Sendroiu Eugen wrote: Hi

Re: Verify x509 certificate

2008-08-01 Thread .:: Francesco la Torre ::.
On sab, 2008-08-02 at 00:21 +0200, .:: Francesco la Torre ::. wrote: self reply :-) I've added a callback function like this static int cb(int ok, X509_STORE_CTX *ctx){ char buf[256]; X509_NAME_oneline( X509_get_subject_name(ctx-current_cert),buf,256

Re: Verify x509 certificate

2008-08-02 Thread .:: Francesco la Torre ::.
to verify the certificate from command line openssl verify -CAfile /home/frank/test/test-CA/calist.pem cert.pem The output is : cert.pem: OK so both certificates are valid. Regards, Flt -Kyle H On Fri, Aug 1, 2008 at 5:15 PM, .:: Francesco la Torre ::. [EMAIL PROTECTED] wrote: On sab, 2008

Re: Verify x509 certificate

2008-08-02 Thread .:: Francesco la Torre ::.
Solved ! I forgot to call SSLeay_add_all_algorithms(); ... a summer youthful folly :-) Flt Il giorno sab, 02/08/2008 alle 11.43 +0200, .:: Francesco la Torre ::. ha scritto: On sab, 2008-08-02 at 02:04 -0700, Kyle Hamilton wrote: The verify(1ssl) man page has descriptions of these error

Re: Verify x509 certificate

2008-08-03 Thread .:: Francesco la Torre ::.
18.57 -0700, Sendroiu Eugen ha scritto: I'm not sure you solved that. This works just because your certificate chain will have only 1 certificate so no signature verification is done. kr, Eugen Sendroiu - Original Message From: .:: Francesco la Torre ::. [EMAIL