Hi,
When I try to change the CN in a certificate signing request I get these
errors:
7424:error:04077068:rsa routines:RSA_verify:bad signature:rsa_sign.c:235:
7424:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:a_verify.c:168:
Example:
a) Generate a new certificate signing request, CN is www.mydom.com
openssl req -new -newkey rsa:1024 -nodes -subj
'/CN=www.mydom.com/O=Mydom/C=AT/ST=Carinthia/L=Mycity' -keyout mykey.pem
-out myreq.pem
b) Run verification, result = verify OK
openssl req -in myreq.pem -text -noout -verify
c) Change CN from www.mydom.com to www.mydomupdate.com
openssl req -in myreq.pem -out myreq_updated.pem -subj
'/CN=www.mydomupdate.com/O=My Dom, Inc./C=US/ST=Oregon/L=Portland'
d) Run verification
openssl req -in myreq_updated.pem -text -noout -verify
Result = verify failure
7424:error:04077068:rsa routines:RSA_verify:bad signature:rsa_sign.c:235:
7424:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:a_verify.c:168:
Does anybody know how to solve this problem?
Martin Stromberger
