Richard Levitte via RT wrote:
> OK, I just haven't seen further communication on this, so I've no
> idea what conclusoins you came to. It's very possible that the CA
> certificate didn't match the issuer of the certificate you wanted to
> verify. Do you have the possibility to send me the certificates you
> were using in your test?
here are the 'openssl x509' dumps, I hope that helps.
---- ca.pem ----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=zaplinski.de,
CN=zaplinski.de root [EMAIL PROTECTED]
Validity
Not Before: Aug 25 21:56:07 2002 GMT
Not After : Aug 22 21:56:07 2012 GMT
Subject: C=DE, ST=Hamburg, O=zaplinski.de, CN=zaplinski.de root
[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:db:0c:f7:81:be:7d:f7:59:26:79:04:aa:9b:4f:
ba:05:f5:74:aa:78:65:70:fb:5d:ec:a3:dc:fb:6b:
87:f1:e5:9c:fb:c2:a4:62:5c:16:63:65:44:d5:b8:
db:c0:b5:5b:6f:06:40:7f:e5:71:cc:4e:5d:a8:4e:
0a:1d:69:b5:98:c2:4b:10:95:6e:b6:49:17:69:41:
86:00:ef:db:f8:59:24:c9:de:d6:31:90:06:60:2f:
14:63:2c:82:e5:5a:71:16:42:17:36:c1:ce:15:fd:
15:06:dc:48:58:87:b3:81:22:b7:b4:3e:f0:fb:49:
04:5e:90:25:4b:da:3d:8f:e1:36:69:ea:17:d9:2c:
3f:0e:6d:10:1d:37:e9:35:ec:11:1f:3b:2f:72:ad:
69:11:56:8d:a4:45:77:cd:a4:5b:c7:75:74:d2:83:
e7:aa:79:f0:cc:38:fe:48:3a:b7:af:03:d7:de:81:
fb:42:f4:da:b9:db:b2:41:bc:cf:ec:1c:58:e3:12:
fa:cd:80:b3:46:50:1f:ba:f2:2c:90:a5:86:7f:62:
de:bb:4b:b3:8c:22:53:bd:42:a2:46:91:c2:fd:d8:
39:25:df:55:57:90:f9:73:1c:0a:06:a0:7c:e7:dc:
70:fc:e8:48:4c:50:82:3a:09:17:a1:51:c9:cd:a2:
f1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D
X509v3 Authority Key Identifier:
keyid:7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D
DirName:/C=DE/ST=Hamburg/L=Hamburg/O=zaplinski.de/CN=zaplinski.de root
[EMAIL PROTECTED]
serial:00
X509v3 Basic Constraints: critical
CA:TRUE
Netscape Cert Type:
SSL CA, S/MIME CA
X509v3 Subject Alternative Name:
email:[EMAIL PROTECTED]
X509v3 Issuer Alternative Name:
email:[EMAIL PROTECTED]
Signature Algorithm: md5WithRSAEncryption
66:b0:2a:33:12:d8:f8:08:49:71:b3:16:fe:34:9c:af:9d:7f:
68:5c:cf:e6:a5:42:08:15:ab:ce:a9:8a:5b:80:d0:0c:72:c8:
00:bc:a1:1c:73:f5:49:bb:20:35:56:be:82:69:2b:5e:6b:01:
00:6e:ba:ed:d0:ba:e2:fe:45:9f:ad:bd:dd:78:40:9f:cf:1d:
c2:9c:8d:15:4b:54:29:9f:cd:d9:28:2f:8a:bb:f4:fd:3d:5a:
12:a6:d1:94:dc:08:e2:a8:c1:9e:ca:72:63:d7:01:c3:60:65:
4f:0c:66:56:7e:13:0c:09:72:26:70:8b:30:2e:83:a7:ae:ea:
61:a4:66:b5:c2:39:c7:fb:28:fc:35:fd:04:c2:cc:5c:fc:ad:
60:29:c9:8f:f3:92:0e:cd:88:03:71:14:3a:b5:be:2d:5d:bc:
e0:e5:de:33:87:e7:dd:a2:8b:f0:9a:3f:ea:89:2c:16:04:08:
d4:3d:f2:d2:d8:f7:ef:7e:89:d6:71:b6:d1:1a:79:1a:e7:1b:
11:55:73:ed:3a:25:f5:d2:58:7b:ec:ea:c1:24:b5:14:51:6b:
f6:a6:b3:9d:e0:70:ea:6b:45:ca:87:06:6b:f0:5f:e7:86:10:
db:b6:46:83:76:a4:00:d6:af:82:a9:71:38:9c:3e:73:6a:01:
55:16:cf:7d
---- mail.zaplinski.de.pem ----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=zaplinski.de,
CN=zaplinski.de root [EMAIL PROTECTED]
Validity
Not Before: Aug 25 22:52:15 2002 GMT
Not After : Aug 22 22:52:15 2012 GMT
Subject: C=DE, ST=Hamburg, O=zaplinski.de,
[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:d4:9f:e5:df:02:44:2e:57:c6:f7:f5:1f:30:0d:
47:9c:33:d6:66:7c:b6:04:49:dd:75:04:5d:83:47:
6f:78:eb:10:a3:37:88:f9:98:67:6b:c6:90:8b:a9:
e6:81:cb:2c:ac:d1:f3:7e:cf:4a:c3:88:bb:39:16:
66:a2:3e:35:a3:a5:1e:fb:f9:7a:7c:c0:02:b7:f9:
01:84:6a:5a:ee:a5:fa:0d:d4:21:71:c2:89:8c:ad:
b6:4d:04:5e:bf:2d:15:86:67:86:c8:e2:7c:5f:f7:
ac:f2:70:92:a8:35:92:b8:e5:3e:b1:dd:8a:ce:ff:
6a:a2:84:ad:9c:4e:bc:08:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
E8:32:5E:CD:5B:15:D2:DB:B2:F3:E8:03:8F:63:E7:B9:90:D7:5D:D0
X509v3 Authority Key Identifier:
keyid:7F:F1:51:FB:14:2F:C6:33:5F:5B:9D:EF:10:E0:7C:28:0A:A4:A3:5D
DirName:/C=DE/ST=Hamburg/L=Hamburg/O=zaplinski.de/CN=zaplinski.de root
[EMAIL PROTECTED]
serial:00
Signature Algorithm: md5WithRSAEncryption
77:ac:ed:51:2e:31:50:6d:3b:c5:b5:96:af:d9:f8:99:66:10:
e8:e7:a0:48:db:a2:99:c8:a1:52:b9:67:36:e6:31:4c:5b:d0:
2b:67:b6:1c:11:d3:21:a1:25:c1:a6:4f:7d:32:0c:18:c9:f6:
0a:92:78:e2:f0:99:f3:67:54:3c:c0:a9:77:8c:3f:1e:2d:5a:
67:ab:af:41:86:04:6e:83:c0:ee:db:01:33:42:e4:8a:10:1a:
6c:12:8b:72:34:33:2c:52:5f:17:c1:2b:27:15:bb:e5:3b:f6:
23:60:4d:26:ac:9e:04:f2:eb:95:eb:7a:a6:f3:be:d7:77:85:
9f:e6:60:c2:ef:c6:a6:66:38:ed:17:43:98:ba:48:cb:33:80:
e1:e3:29:91:93:ea:53:83:9d:a2:4f:e9:05:98:a4:7f:a9:01:
e2:bf:58:a9:d2:cb:af:8c:e1:84:22:36:0c:b5:26:3c:32:5f:
68:8c:39:fd:8a:a2:30:0f:46:44:e4:e6:c0:93:2e:98:5e:71:
cc:22:ae:79:91:ba:31:b7:b1:c5:94:8d:d7:67:a7:9f:d3:84:
47:39:a8:f4:5b:5f:64:90:df:86:e7:47:b1:40:63:7f:0d:90:
56:05:d6:e3:ff:78:c9:f9:f9:45:dd:a3:eb:5c:9b:55:95:09:
30:b5:ce:47
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
