rrln wrote:
>
> That's right, and that was expected, but what bothers me is that a call to
> X509_print_fp() is showing private key info.
>
Since this issue crops up quite often and it is a potential security
risk (e.g. using the -text option when a certificate or request has just
been signed) I've modified OpenSSL to change this. See previous message
for an explanation of why it happens.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
