On 14 nov. 2012, at 19:58, "Dr. Stephen Henson" wrote:
> On Wed, Nov 14, 2012, Dirk-Willem van Gulik wrote:
>
>> Folks,
>>
>> Have a CA (created by certtool, validates in openssl as self signed just
>> fine) and a server cert (created with certtool, signed with certool) which
>> des NOT vali
In addition to Mr Henson answer, your CA certificate doesn't have any
keyUsage extension, depending on the toolkit it may not be considered a
valid CA.
Your countryName AVA is wrong, too. It must be only 2 characters long,
"NL" in your case.
--
Erwann ABALEA
-
yuppiexpédidétritus: cadavres
On Wed, Nov 14, 2012, Dirk-Willem van Gulik wrote:
> Folks,
>
> Have a CA (created by certtool, validates in openssl as self signed just
> fine) and a server cert (created with certtool, signed with certool) which
> des NOT validate in openssl.
>
> However the signature (when extracted with op
On 14 nov. 2012, at 18:42, Dirk-Willem van Gulik wrote:
> Have a CA (created by certtool, validates in openssl as self signed just
> fine) and a server cert (created with certtool, signed with certool) which
> des NOT validate in openssl.
>
> However the signature (when extracted with openssl
