Hi,
I hope you can help me to understand why OpenSSL doesn't act as expected
when I try to verify a certificate chain.
On my server the certificate files are stored in the following
directory structure:
/usr/local/ssl/certs -> certificate files
/crl -> CRL files
Nevermind. I have found the error #1. By appending the CRLs to the
CA-chain, the CRL-error 3 disappears now. (The appending of CRLs to
the chain were not descriped in the manual!)
But the second issuer subject error makes me crazy.
I noticed that I have the same problems as descripted here:
http:
Hello.
I have a problem with verification of certificates.
I have a root, a intermediate and a client certificate. Every
certificate has CRL information (client shows the intermediate CRL).
The chain is:
ViaThinkSoft Root Certificate Signing Authority (CRL: Root)
- ViaThinkSoft Intermediate Cli
Hi,
Anyone can help me on this issue? I saw there are some mails about "unable to
get certificate CRL". Seems like a bug? I am using openssl-0.9.8a. Thanks!
Roger
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Zhang,
> Long
Hi,
I saw a problem of unable to get certificate CRL. The program is as following.
It is changed from O'Reilly openssl book example 10-7. In the program,
/home/zhangl/openssl/test/ca1/newcerts/ca1cert.pem is my root self signed CA.
It signed a lot of certificates. 01.pem, 02.pem to 0
Looking for the cause of this error in my secure
client application, coming from the SSL_connect()
function:
-
ERROR 3: unable to get certificate CRL
SSL_connect error 1,
error:0001:lib(0):func(0):reason(1)
SSL error: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate
