The verify(1ssl) man page has descriptions of these error codes. 7 is
"X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure",
which is described as: the signature of the certificate is invalid.
I would presume that this is because the signature cannot be verified
with the public key that it's said to be verifiable with -- i.e., the
data in one of the certificates has been modified since it was signed
(and thus, the signature has been invalidated).
-Kyle H
On Fri, Aug 1, 2008 at 5:15 PM, .:: Francesco la Torre ::.
<[EMAIL PROTECTED]> wrote:
> On sab, 2008-08-02 at 00:21 +0200, .:: Francesco la Torre ::. wrote:
>
> One mistake is here even if there were not compilation error
>
>> and also add this line to the main
>> X509_STORE_set_verify_cb_func(&ca_ctx,cb);
>>
>
> the correct code block is :
>
> ...
> /* load CA cert store */
> if (!(CAcerts = X509_STORE_new())) {
> printf ("\nError1\n");
> }
> ---> X509_STORE_set_verify_cb_func(CAcerts,cb);
> ...
>
>
>
>> but the result is always the same :
>>
>
> Not always the boring "Verification error: certificate signature
> failure"
>
> But a new strange error :
>
>
> /C=IT/ST=Italy/O=IIT-CNR/OU=lab18/CN=ubuntu-ser/[EMAIL PROTECTED]
> error 7 at 1 depth lookup:certificate signature failure
> Verification error: 0
>
>
> I've tried to find any kind of reference for this kind of error but
> google returns not a very good help.
>
> In various forum/mailing list this is _classified_ as *quite strange*
> error ... is it possible ?
>
> Thanks in advance,
> Flt
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
