On Thursday 29 Dec 2011 10:03:01 Mick wrote: > On Thursday 29 Dec 2011 04:46:26 you wrote:
> > PUT such comments. You can avoid editing a copy by: > > awk '/-BEGIN/,/-END/' filewithextra | openssl asn1parse > > > > on any *nix, and on Windows if you add an awk port. > > Just tried this and all certs are parsed correctly. So clearly the router > is not chocking on an encoding error. > > > > The cacert does not suffer from such verification or parsing > > > errors, but certificates signed by it, do. > > > > > The errors that the router authentication shows are: > > <snip> > > > > But as far as pleasing your router, I have no clue, sorry. > > Thank you Dave. Your comments have been most informative. I have raised a > support request with the router manufacturer and wait to see what they come > up with. Just an idea ... Could it be that the router is expecting some explicit "keyUsage:" extensions on the cacert? If so what should I try? -- Regards, Mick ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org