Richard Levitte via RT wrote: > OK, I just haven't seen further communication on this, so I've no > idea what conclusoins you came to. It's very possible that the CA > certificate didn't match the issuer of the certificate you wanted to > verify. Do you have the possibility to send me the certificates you > were using in your test?
here are the 'openssl x509' dumps, I hope that helps. ---- ca.pem ---- Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: C=DE, ST=Hamburg, L=Hamburg, O=zaplinski.de, CN=zaplinski.de root [EMAIL PROTECTED] Validity Not Before: Aug 25 21:56:07 2002 GMT Not After : Aug 22 21:56:07 2012 GMT Subject: C=DE, ST=Hamburg, O=zaplinski.de, CN=zaplinski.de root [EMAIL PROTECTED] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:db:0c:f7:81:be:7d:f7:59:26:79:04:aa:9b:4f: ba:05:f5:74:aa:78:65:70:fb:5d:ec:a3:dc:fb:6b: 87:f1:e5:9c:fb:c2:a4:62:5c:16:63:65:44:d5:b8: db:c0:b5:5b:6f:06:40:7f:e5:71:cc:4e:5d:a8:4e: 0a:1d:69:b5:98:c2:4b:10:95:6e:b6:49:17:69:41: 86:00:ef:db:f8:59:24:c9:de:d6:31:90:06:60:2f: 14:63:2c:82:e5:5a:71:16:42:17:36:c1:ce:15:fd: 15:06:dc:48:58:87:b3:81:22:b7:b4:3e:f0:fb:49: 04:5e:90:25:4b:da:3d:8f:e1:36:69:ea:17:d9:2c: 3f:0e:6d:10:1d:37:e9:35:ec:11:1f:3b:2f:72:ad: 69:11:56:8d:a4:45:77:cd:a4:5b:c7:75:74:d2:83: e7:aa:79:f0:cc:38:fe:48:3a:b7:af:03:d7:de:81: fb:42:f4:da:b9:db:b2:41:bc:cf:ec:1c:58:e3:12: fa:cd:80:b3:46:50:1f:ba:f2:2c:90:a5:86:7f:62: de:bb:4b:b3:8c:22:53:bd:42:a2:46:91:c2:fd:d8: 39:25:df:55:57:90:f9:73:1c:0a:06:a0:7c:e7:dc: 70:fc:e8:48:4c:50:82:3a:09:17:a1:51:c9:cd:a2: f1:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D X509v3 Authority Key Identifier: keyid:7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D DirName:/C=DE/ST=Hamburg/L=Hamburg/O=zaplinski.de/CN=zaplinski.de root [EMAIL PROTECTED] serial:00 X509v3 Basic Constraints: critical CA:TRUE Netscape Cert Type: SSL CA, S/MIME CA X509v3 Subject Alternative Name: email:[EMAIL PROTECTED] X509v3 Issuer Alternative Name: email:[EMAIL PROTECTED] Signature Algorithm: md5WithRSAEncryption 66:b0:2a:33:12:d8:f8:08:49:71:b3:16:fe:34:9c:af:9d:7f: 68:5c:cf:e6:a5:42:08:15:ab:ce:a9:8a:5b:80:d0:0c:72:c8: 00:bc:a1:1c:73:f5:49:bb:20:35:56:be:82:69:2b:5e:6b:01: 00:6e:ba:ed:d0:ba:e2:fe:45:9f:ad:bd:dd:78:40:9f:cf:1d: c2:9c:8d:15:4b:54:29:9f:cd:d9:28:2f:8a:bb:f4:fd:3d:5a: 12:a6:d1:94:dc:08:e2:a8:c1:9e:ca:72:63:d7:01:c3:60:65: 4f:0c:66:56:7e:13:0c:09:72:26:70:8b:30:2e:83:a7:ae:ea: 61:a4:66:b5:c2:39:c7:fb:28:fc:35:fd:04:c2:cc:5c:fc:ad: 60:29:c9:8f:f3:92:0e:cd:88:03:71:14:3a:b5:be:2d:5d:bc: e0:e5:de:33:87:e7:dd:a2:8b:f0:9a:3f:ea:89:2c:16:04:08: d4:3d:f2:d2:d8:f7:ef:7e:89:d6:71:b6:d1:1a:79:1a:e7:1b: 11:55:73:ed:3a:25:f5:d2:58:7b:ec:ea:c1:24:b5:14:51:6b: f6:a6:b3:9d:e0:70:ea:6b:45:ca:87:06:6b:f0:5f:e7:86:10: db:b6:46:83:76:a4:00:d6:af:82:a9:71:38:9c:3e:73:6a:01: 55:16:cf:7d ---- mail.zaplinski.de.pem ---- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: md5WithRSAEncryption Issuer: C=DE, ST=Hamburg, L=Hamburg, O=zaplinski.de, CN=zaplinski.de root [EMAIL PROTECTED] Validity Not Before: Aug 25 22:52:15 2002 GMT Not After : Aug 22 22:52:15 2012 GMT Subject: C=DE, ST=Hamburg, O=zaplinski.de, [EMAIL PROTECTED] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:d4:9f:e5:df:02:44:2e:57:c6:f7:f5:1f:30:0d: 47:9c:33:d6:66:7c:b6:04:49:dd:75:04:5d:83:47: 6f:78:eb:10:a3:37:88:f9:98:67:6b:c6:90:8b:a9: e6:81:cb:2c:ac:d1:f3:7e:cf:4a:c3:88:bb:39:16: 66:a2:3e:35:a3:a5:1e:fb:f9:7a:7c:c0:02:b7:f9: 01:84:6a:5a:ee:a5:fa:0d:d4:21:71:c2:89:8c:ad: b6:4d:04:5e:bf:2d:15:86:67:86:c8:e2:7c:5f:f7: ac:f2:70:92:a8:35:92:b8:e5:3e:b1:dd:8a:ce:ff: 6a:a2:84:ad:9c:4e:bc:08:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Server X509v3 Subject Key Identifier: E8:32:5E:CD:5B:15:D2:DB:B2:F3:E8:03:8F:63:E7:B9:90:D7:5D:D0 X509v3 Authority Key Identifier: keyid:7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D DirName:/C=DE/ST=Hamburg/L=Hamburg/O=zaplinski.de/CN=zaplinski.de root [EMAIL PROTECTED] serial:00 Signature Algorithm: md5WithRSAEncryption 77:ac:ed:51:2e:31:50:6d:3b:c5:b5:96:af:d9:f8:99:66:10: e8:e7:a0:48:db:a2:99:c8:a1:52:b9:67:36:e6:31:4c:5b:d0: 2b:67:b6:1c:11:d3:21:a1:25:c1:a6:4f:7d:32:0c:18:c9:f6: 0a:92:78:e2:f0:99:f3:67:54:3c:c0:a9:77:8c:3f:1e:2d:5a: 67:ab:af:41:86:04:6e:83:c0:ee:db:01:33:42:e4:8a:10:1a: 6c:12:8b:72:34:33:2c:52:5f:17:c1:2b:27:15:bb:e5:3b:f6: 23:60:4d:26:ac:9e:04:f2:eb:95:eb:7a:a6:f3:be:d7:77:85: 9f:e6:60:c2:ef:c6:a6:66:38:ed:17:43:98:ba:48:cb:33:80: e1:e3:29:91:93:ea:53:83:9d:a2:4f:e9:05:98:a4:7f:a9:01: e2:bf:58:a9:d2:cb:af:8c:e1:84:22:36:0c:b5:26:3c:32:5f: 68:8c:39:fd:8a:a2:30:0f:46:44:e4:e6:c0:93:2e:98:5e:71: cc:22:ae:79:91:ba:31:b7:b1:c5:94:8d:d7:67:a7:9f:d3:84: 47:39:a8:f4:5b:5f:64:90:df:86:e7:47:b1:40:63:7f:0d:90: 56:05:d6:e3:ff:78:c9:f9:f9:45:dd:a3:eb:5c:9b:55:95:09: 30:b5:ce:47 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]