Hi everyone,
I need help :) I'm trying to verify a certificate signature in order to
know if it's valid, expired, self-signed etc.
However i have a strange problem. When the default_cert_file is present
(/usr/local/ssl/cert.pem for me), everything's ok and the status reported
is correct. But if I move this file (i noticed many people don't have it),
openssl looks in default_cert_dir (/usr/local/certs/ for me) to check the
signature, but it doesn't work ("unable to get local issuer certificate").
By stracing and looking at by_dir.c i found out that openssl was looking
for the subject's certificate in default_cert_dir, not the issuer one.
I guess I'm doing something wrong, but can't find what...
Would anyone have an idea about this ?
If you need to see the problematic code it's
`char *ssl_certificate_check_signer (X509 *cert)` function in
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/sylpheed-claws/sylpheed-claws/src/common/ssl_certificate.c?rev=1.3&content-type=text/vnd.viewcvs-markup
Many TIA,
--
Colin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
