I make new path using hash name/ ".0" extension for certificat/".r0"
extension for CRL
The function: 'verify -CApath @CRLCA\ -issuer_checks -crl_check
"SignCertPEM.cer"
The result is :
SignCertPEM.cer:
/C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013443/SN=ROUSSIA/GN=FRANCK
error 29 at 0 depth lookup:subject issuer mismatch
/C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013443/SN=ROUSSIA/GN=FRANCK
error 29 at 0 depth lookup:subject issuer mismatch
/C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013443/SN=ROUSSIA/GN=FRANCK
error 29 at 0 depth lookup:subject issuer mismatch
/C=FR/O=GIP-CPS/OU=GIP-CPS PROFESSIONNEL/CN=GIP-CPS CLASSE-1
error 29 at 0 depth lookup:subject issuer mismatch
/C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013443/SN=ROUSSIA/GN=FRANCK
error 35 at 0 depth lookup:key usage does not include CRL signing
Two questions :
1) Why the "subject issuer mismatch" error ? also when the result is OK
2) For this example what mean the error "key usage does not include CRL
signing" ?
Thanks
Dr Franck ROUSSIA
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
