On September 11, 2008 09:24:46 am matteo mattau wrote: > Dears,I'm in trouble with self signed certificate, when I try to verify via > ocsp a certificate whose issuer is self signed.The error I receive is > always openssl ocsp -issuer /usr/local/ssl/cert/issuerPEM.crt -cert > ./certificatePEM.cer -url http://ocsp.foo.com -CApath > /usr/local/ssl/certResponse Verify Failure1903:error:27069065:OCSP > routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:122:Verify > error:self signed certificate in certificate chain Into /usr/local/ssl/cert > I've copied the issuer certificate and created the "ln -s" hash link.Is > that anyway to trust the "self signed" certificate? If I load the issuer > certificate into IE browser,It appeares as root...Thanks in advanceMattew
Can you include the certificates involved in your problem report? Thanks. -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
