Hi,
I have a doubt regarding the x509_verify_cert.
I used openssl to generate two Root CA certificates (Self signed) say Root
CA1, Root CA2. I got two self-certificates say SelfCert1 from Root CA1 and
SelfCert2 from Root CA2.
In an effort to simulate a bridge CA, one more root CA is generated say
BridgeCA. I simulated a cross certification to RootCA1 by BridgeCA (Say
CCofRootCA1ByBridgeCA with Issuer as BridgeCA, Subject: RootCA1, PubKey of
RootCA1).
Now I try to verfiy SelfCert1, CCofRootCA1ByBridgeCA, BridgeCA using
x509_verify_cert. This function is throwing an error saying "unable to
find the local issuer cert" for SelfCert1.
My question is
1. Is the above scenario correct.
2. If so why should it fail.
I expect it to work because The issuer name of SelfCert1(RootCA1) is
the subject name in CCofRootCA1ByBridgeCA whose IssuerName, BridgeCA is the
subjectName in BridgeCA which is self-signed.
Awaiting your valuable responses...
Regards
Suram
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
