-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi list ! I'm not good with openssl as with gpg but i'm getting into it. I have a postfix instance which use an 'another' smtp as only relayhost. The connection happens on smtp submission port 587 , and it is a verified connection :D ! All i did was stick together on the same .pem file both my CAcert.pem and relayhost CAcert.pem . I'm trying to assume the same result with a ircd , still with my self signed CA , and i was following a procedure wich was as follow:
> first i saw the has value in the cacert openssl x509 -noout -hash -in > cacert.pem Than i made a link in the same directory this way: > ln -s cacert.pem `openssl x509 -hash -noout -in cacert.pem`.0 Once done this the following command to verify the path get stalled: > openssl verify -CApath cacert.pem If i just verify the certificate it gives an error and than ok : > openssl verify cacert.pem > cacert.pem: /O=MyOrg/OU=Main > CA/emailaddress=ad...@email.address/L=None/ST=none/C=NO/CN=*.my.fqdn > error 18 at 0 depth lookup:self signed certificate > OK My goal is to successfully verify my self signed CA against the clients certificates connecting to my servers . First i wish document myself about ssl certificates but i haven't found yet a 'simple' reading ... Thank you. Gab - -- HomePage http://www.gabrix.ath.cx/ sec 1024D/80231A90 2008-07-01 Key fingerprint = 54AC C632 B35E FB9B 6D9F 108D DBE6 5425 8023 1A90 uid Gabriele Lost Adm (Chiave ufficiale Gabrix.ath.cx,ok?) <ad...@gabrix.ath.cx> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEAREKAAYFAknf3dAACgkQ2+ZUJYAjGpARhACdGKKtEkPYx0CUXHm3JPPTjJT/ xgQAoKSZ5NA/a1prNxN2wcCBhG+O35VI =fkqs -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
