On Tue Feb 19 14:36:26 2013, sushil_sha...@in.ibm.com wrote: > > Steps to Reproduce: > 1. Create a x509 certificate and save the hash file in truststore. > 2. upgrade openssl to 1.0.1 > 3. try to verify certificate using verifycommand and specify -CApath > as > truststore path. >
The hash calculation (use by -CApath) changed from OpenSSL 0.9.8 to 1.0.0 and later. The two are not compatible. So you need to recreate hash links using OpenSSL 1.0.0. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
