On Wed, Nov 09, 2005, Warrick FitzGerald wrote: > Hi All, > > I generated a CA cert and then created a certificate (using CA.pl in > ./misc), however the verify does not seem to detect a valid CA. > > openssl verify -CAfile ./demoCA/cacert.pem -purpose sslserver newreq.pem > > produces "error 18 at 0 depth lookup:self signed certificate" > > Which according to the man pages says: > > ------------ > > 18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate > > the passed certificate is self signed and the same certificate > cannot be found in the list of trusted certificates. > > --------- > > What am I doing wrong here? >
Is that a typo above and you are actually using "newcert.pem" and not "newreq.pem". Also are you entering *exactly* the same field values for the root CA and the server certificate? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
