On 12/15/15, 17:51 , "openssl-dev on behalf of Viktor Dukhovni" <openssl-dev-boun...@openssl.org on behalf of openssl-us...@dukhovni.org> wrote:
>>On Dec 15, 2015, at 5:30 PM, Blumenthal, Uri - 0553 - MITLL >><u...@ll.mit.edu> wrote: >> >>$ openssl verify --help >> usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose >>purpose] >> [-crl_check] [-no_alt_chains] [-attime timestamp] [-engine e] cert1 >>cert2 >> ... > >That's fine, but have you tried it? The option is documented in >1.1.0, and not 1.0.2, and yet it is available in both. Yeah… And it does not complain… Unfortunately, right now most of my cert chains are of length 1, so I can’t give it a good try. :-( And without a decent description of what it is supposed to do, I’m a bit lost... $ openssl verify -verbose -CAfile ~/Certs/RabbitMQ_CA.pem -partial_chain -purpose sslclient RabbitMQ_Dev.pem RabbitMQ_Dev.pem: OK $ openssl verify -verbose -CAfile ~/Certs/RabbitMQ_CA.pem -purpose sslclient RabbitMQ_Dev.pem RabbitMQ_Dev.pem: OK $
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
