server for instance).
On 09.01.2014 14:52, Yvonne Wambui wrote:
> could you please explain the last reason.
>
>
> On Thu, Jan 9, 2014 at 3:38 PM, Martin Hecht wrote:
>
>> X509_V_OK would be code 0
>> 19 means that the CA certificate could be found, the chain could be
>>
> thanks martin. i made the changes and now im getting
> Verify return code: 19 (self signed certificate in certificate chain)
>
> is this ok, or i need code 0
>
>
> On Thu, Jan 9, 2014 at 1:33 PM, Martin Hecht wrote:
>
>> I was thinking about manual verification of c
ver, its using my RootCA instead of the
> server, hence throwing verification error 19. would you please advise on
> what might be wrong
>
>
> On Wed, Jan 8, 2014 at 8:27 PM, Martin Hecht wrote:
>
>> On 08.01.2014 15:32, Yvonne Wambui wrote:
>>> i get this error when
On 08.01.2014 15:32, Yvonne Wambui wrote:
> i get this error when verifing a non-self signed certificate. how do i make
> it not point to the rootCA
>
It makes no sense to verify a non-self signed certificate without the
rootCA certificate. To verify such a certificate you have to provide the
certi
Hi Manoj,
I don't know this API, but I believe it complains about the fact that
the certificate is self-signed.
Maybe there are some means to add the certificate to "trusted
certificates", maybe it is sufficient to copy it somewhere, where your
openssl looks for trusted certificates (in Linux it
Hi Ted,
I think there are two different approaches to your question: One is with
a single
CA which will sign all certificates. Some CA software packages include
mechanisms
to automatically sign certificate requests coming in (that would be on
the main CA).
The RA's are web-applications where users
Hi Manoj,
if you want to generate just one selfsigned
certificate, this would be the easiest:
# generate key and self signed cert with one command
openssl req -x509 -nodes -days 3650 \
-subj '/C=DE/ST=some-state/L=somewhere/CN=example.com' \
-newkey rsa:1024 -keyout key.pem -out cert.pem
# ver
openssl >= 0.9.8
On 06.11.2013 17:08, Patetta, Nicholas wrote:
> Anyone know which version of OPENSSL is needed to support SHA256? Thanks.
>
>
>
> -Original Message-
> From: owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Raullen Chai
> Sent: Tuesd
