Hi,
I'm having trouble with openssl. I guess this is a typical newbie-problem,
but I'm unable to find any help in the online manual or the man pages
distributed with openssl.
When I run a program which uses SSL (mico; www.mico.org) I get the
following error message:
SSL verify error: unable to get local issuer certificate
SSL verify error: certificate not trusted
SSL verify error: unable to verify the first certificate
When I try openssl validate <cert name> I get:
pelle: /C=AU/ST=QLD/O=Mincom Pty. Ltd./OU=\x09/CN=PelleMell
error 20 at 0 depth lookup:unable to get local issuer certificate
I have generated this certificate by isuing the following commands from
the command line (much stolen from the mod_ssl help page):
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl ca -infiles server.csr
I've tried to use the demoCA distributed with openssl. I've moved that
directory to /usr/local/ssl and the relevant(?) openssl.conf lines read:
[ CA_default ]
dir = /usr/local/ssl/demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file
Does anyone know what's going wrong here? Very thankful for any advices.
Best Regards
Per Mellstrand
[EMAIL PROTECTED]
Software Engineering Student at the University of Karlskrona/Ronneby
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
