Hi Goetz,
Thx again for your help, I finally found what was going wrong with my code.
I was setting a flag to force CRL verification but I did not have a CRL
stored for the CA.
Now everything is running well.
Thx again for your help.
Regards !
--
Florian Manach
NUMLOG
[EMAIL PROTECTED]
(+33)0130791616
Goetz Babin-Ebell a écrit :
Hello Florian,
--On Montag, Juli 09, 2007 09:25:01 +0200 Florian MANACH <[EMAIL PROTECTED]>
wrote:
I saw that it needs PEM format... but even if I convert the certs in PEM,
links are created but my app still returns an error on verification.
Hm.
Try to store roots, intermediate certs and CRLs in the same
directory, download the server cert and do a
c_rehash ./allcerts
openssl verify -CApath ./allcerts server.pem
(optionally with -crl_check and -purpose ...)
If that succeeds, your certs are correct and the bug must
be in your code.
(It may be possible that CA cert files and CRL files
must be handled in the same lookup.)
Bye
Goetz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
