Le 16/08/2013 20:10, Robert Moskowitz a écrit :
On 08/14/2013 05:37 PM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz
Sent: Wednesday, 14 August, 2013 15:49
I have a CA cert in pem format that uses ecdsa. I have tried
to display the contents with:
openssl x509 -in x509-ca.pem -text -nameopt multiline -noout
I get errors:
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Unable to load Public Key
140661212006240:error:0609E09C:digital envelope
routines:PKEY_SET_TYPE:unsupported algorithm:p_lib.c:239:
140661212006240:error:0B07706F:x509 certificate
routines:X509_PUBKEY_get:unsupported algorithm:x_pubkey.c:155:
Is there an option I need to add? Is there something special
with this cert's Public Key Algorithm?
I'm pretty sure not. OpenSSL versions before 1.0.0 needed a
cipherstring option to use ECC suites *in SSL/TLS protocol*,
but local operations have worked as long as I remember.
What version of OpenSSL are you running, and how was it built?
In particular was it from official source, or patched?
I am running Fedora 16, standard biuld stuff. Yes, I know it is time
to upgrade...
Fedora, an ECC certificate. This can't work, for legal reasons. Blame
RedHat.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
