On Wed, Dec 5, 2012 at 10:47 AM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Wed, Dec 05, 2012, Will Nordmeyer wrote: > >> They are US. gov't certificates & CRLs, so providing them is a little >> complicated. Before I had the proper root & intermediate CAs loaded >> and hashed, I would get errors about missing certs in the chain. >> Similarly, before I loaded the CRL, it would have issues. >> >> The CERTs are in PEM formats, as well as the CRLs. >> > > I'd suggest you try a version of OpenSSL from the website to see if you have > problems with that. > > Version "1.0.0-25" or "1.0.0-fips" is not a standard OpenSSL version. > I installed 1.0.1c (and verified it is the one being called).
When I first reran the commands as I listed earlier, I got error 20 at 0 depth lookup:unable to get local issuer certificate I added -CApath /etc/ssl/certs and everything comes back OK again. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org