Thanks. it works. Jeff
Dr S N Henson wrote:
>
>Jeff Smith wrote:
> >
> > ... and using -verbose option, the step (3) verify would produce:
> >
> > % openssl verify -verbose -CAfile ca.crt -untrusted ca2.crt user.crt
> >
> > error 18 at 0 depth lookup:self
routines:RSA_padding_check_PKCS1_type_1:block type
is not 01:rsa_pk1.c:100:
21970:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
failed:rsa_eay.c:396:
21970:error:0D079006:asn1 encoding routines:ASN1_verify:bad get asn1 object
call:a_verify.c:109:
Thanks!
Jeff
Jeff Smith wrote:
>
> Hi ev
I forgot to mention that I could successfully verify ca2.crt after step (2)
using
% openssl verify -CAfile ca.crt ca2.crt
clnt1.crt: OK
In addition to the question I had, I am wondering if there is any
workaround. What I need is a 2-level ca hierarchy.
Thanks - Jeff
Jeff Smith wrote
