On Sat, May 11, 2013 at 10:49:40AM +0200, Stefan H. Holek wrote:
> On 10.05.2013, at 18:48, no_spam...@yahoo.com wrote:
>
> > openssl verify -check_ss_sig -CAfile ./my-ss-cert.pem ./my-ss-cert.pem
> >
> > I get the following error:
> > error 20 at 0 depth lookup:unable to get local issuer certi
IIRC, this means that the Subject and Issuer names on your self-signed cert do
not match.
Stefan
On 10.05.2013, at 18:48, no_spam...@yahoo.com wrote:
> openssl verify -check_ss_sig -CAfile ./my-ss-cert.pem ./my-ss-cert.pem
>
> I get the following error:
> error 20 at 0 depth lookup:unable to
Must non-CA, self-signed certificates have the "keyCertSign" bit set in the
keyUsage extension to be "valid?"
If I don't have the bit set and execute the following command:
openssl verify -check_ss_sig -CAfile ./my-ss-cert.pem ./my-ss-cert.pem
I get the following error:
error 20 at 0 depth look
