Hello, I get this error with openssl when I request a client certificate verification.
# openssl s_server ..... . . verify error:num=26:unsupported certificate purpose verify return:1 . . the purposes for the CA file are: # openssl x509 -in fadesa-cacert.pem -noout -purpose Certificate purposes: SSL client : No SSL client CA : Yes SSL server : No SSL server CA : Yes Netscape SSL server : No Netscape SSL server CA : Yes S/MIME signing : No S/MIME signing CA : Yes S/MIME encryption : No S/MIME encryption CA : Yes CRL signing : Yes CRL signing CA : Yes Any Purpose : Yes Any Purpose CA : Yes OCSP helper : Yes OCSP helper CA : Yes and for the certificates in both servers: # openssl x509 -in server1-cert.pem -noout -purpose and # openssl x509 -in server2-cert.pem -noout -purpose Certificate purposes: SSL client : No SSL client CA : No SSL server : Yes SSL server CA : No Netscape SSL server : Yes Netscape SSL server CA : No S/MIME signing : No S/MIME signing CA : No S/MIME encryption : No S/MIME encryption CA : No CRL signing : No CRL signing CA : No Any Purpose : Yes Any Purpose CA : Yes OCSP helper : Yes OCSP helper CA : No anyone knows what I am doing wrong here? Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
