On Thu, Oct 09, 2008 at 04:39:06PM +0200, Andrej Podzimek wrote: > I only have one directory and one CA certificate. That makes the task > simple. > > On the client: > [EMAIL PROTECTED] .postgresql]$ openssl x509 -in postgresql.crt -text > | grep Not > Not Before: Mar 25 12:00:00 2008 GMT > Not After : Mar 25 12:00:00 2009 GMT > [EMAIL PROTECTED] .postgresql]$ openssl x509 -in root.crt -text | grep > Not > Not Before: Nov 12 16:03:00 2006 GMT > Not After : Nov 11 16:03:00 2011 GMT > On the server: > [EMAIL PROTECTED] data]# openssl x509 -in server.crt -text | grep Not > Not Before: Jul 23 09:20:00 2008 GMT > Not After : Jul 23 09:20:00 2009 GMT > [EMAIL PROTECTED] data]# openssl x509 -in root.crt -text | grep Not > Not Before: Nov 12 16:03:00 2006 GMT > Not After : Nov 11 16:03:00 2011 GMT
When a PEM file holds multiple certificates (a chain), this command only shows the first one. You need to break each of the ".crt" files into separate files for each certificate, and look at those. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]