I hav an stunnel application where the certificates are generated by a Microsoft Certificate server. Verification of the client and server certificates fail :
Versions 0.9.6c 0.9.6d and 0.9.7-beta2 all give the same error. /usr/local/ssl/bin/openssl verify -verbose -CAfile root.pem client.pem error 7 at 1 depth lookup:certificate signature failure 24430:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:139: 24430:error:0D06809B:asn1 encoding routines:ASN1_CHECK_TLEN:too long:tasn_dec.c:920: 24430:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=X509_SIG 24430:error:0D089006:asn1 encoding routines:ASN1_verify:EVP lib:a_verify.c:162: Has anybody been succesful in this setup? (There is no option to use openssl as CA) Thanks Dick van den Burg ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
