On Thu, Apr 28, 2005, Sven Löschner wrote: > > could you verify this with > > openssl verify -CAfile cacert.pem -purpose sslserver server.pem and while > you at it: > > openssl verify -CAfile cacert.pem -purpose sslclient user.pem > > > I guess i should look at my Server-Cert, because with "openssl verify > -CAfile cacert.pem -purpose sslserver server.pem" I get the following error: > > error 26 at 0 depth lookup:unsupported certificate purpose > > > The client-cert looks ok. > >
If you can post the output of: openssl x509 -in cert.pem -text -noout it should be easy enough to see where the problem is. It is most liket to be keyUsage or extended key usage extensions. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
