Gary E. Miller via devel writes: >> I think openssl is expecting the root cert.
OpenSSL expects a PKI directory (in which each cert has to have a certain filename so it doesn't have to read all files each time) or a bundle file with all the certs concatenated. > And in the case of ostfalia, I only could get their root cert becuase I > was talking to the guy. Much more common case is I just have the end > cert. If you can't get the root cert, you cannot validate anything that has this root as the trust anchor. A root cert is nothing but a normal cert that is signed by the same public key that it certifies (plus some metadata around it). It's a "root" cert because there is no further way of verifying it. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ SD adaptations for KORG EX-800 and Poly-800MkII V0.9: http://Synth.Stromeko.net/Downloads.html#KorgSDada _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
