Hi Dan, In message <[EMAIL PROTECTED]> on Mon, 25 Sep 2006 09:50:32 -0600, Dan O'Reilly <[EMAIL PROTECTED]> said:
dano> My CA is another system (Windows) and I requested it to create dano> the trusted root certificate in PKCS7 format, which I copied to dano> my VMS system. I can use OPENSSL PKCS7 to view the package dano> contents, and it contains a single certificate. I then tried to dano> do an OPENSSL VERIFY on that package, and it keeps coming up dano> with "NO START LINE" and "EXPECTING: TRUSTED CERTIFICATE" dano> errors. Finally, I tried "openssl s_clienit -connect dano> <mydomain>:636 -certfore der -CAfile <pkcs7 package> dano> and it comes up with the following: You need to extract the certificate from that PKCS#7 package and use the resulting file. Since OPENSSL PKCS7 will give you the certificate in PEM format, the best you can probably do is save that in a .PEM file, and then use it as follows: openssl s_client -connect <yourdomain>:636 -CAfile <certfile>.PEM Cheers, Richard ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte [EMAIL PROTECTED] http://richard.levitte.org/ "When I became a man I put away childish things, including the fear of childishness and the desire to be very grown up." -- C.S. Lewis ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
