I am getting a SAN in the csr e.g.:
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
IP Address:192.168.2.1
this is with the following in the config:
[ req ]
# Options for the `req` tool (`man req`).
default_bits= 2048
distin
Hi,
I'd just like to quickly reach out to let you know that we released a new (open
source) network engine in which we also utilize the OpenSSL library and want to
thank you for the work you put into OpenSSL.
Obviously OpenSSL is used as as the backbone to provide any kind of network
encryptio
>> Actually, that's not the reason. The positional [certificates]
>> arguments to verify(1) are not "chains". Only the first (leaf)
>> certificate of each of the argument files is processed.
Ok, that makes sense. Thanks for the update. I was trying this experiment
to understand a client authenti
> On Aug 13, 2017, at 11:39 AM, Sudarshan Raghavan
> wrote:
>
> 3. openssl verify -CAfile 2, intermediate ca 1 and root ca in that order>. This fails with this error
>
> "error 20 at 0 depth lookup: unable to get local issuer certificate
> error leafchain.pem: verification failed"
>
> I und
Hello OpenSSL users,
I have this certificate chain, root ca -> intermediate ca 1 -> intermediate
ca 2 -> leaf certificate. With this chain, I attempted combinations of
openssl verify commands to understand how it works with certificate chains.
1. openssl verify -CAfile . This
verifies ok as expe
