9:49 AM, CAMPETTO CLAUDIO wrote:
>
>>>>> openssl verify -CAfile CATest2.cacert.pem -crl_check -crlfile
>>>>> CATest2.crl.pem testrinnovo1_nuovo.pem
>
> usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first]
> [-purpose purpose] [-crl_check]
openssl version
openssl 1.0.2k-fips
man verify
VERIFY(1)
OpenSSL
VERIFY(1)
NAME
verify - Utility to verify certifica
It's not a matter of file name extension. The CA script which comes with
openssl assumes certificate requests are PEM encoded, maybe the request outlook
produced is DER encoded; in that case all you have to do is "openssl req -in
-inform der -out " to convert the encoding to
PEM.
Claudi
