Hi all, I am trying to use “openssl verify” as a sanity check to determine whether a set of certificates are sane and valid in a script that issues (or reissues) the certificates, and I’m struggling with the output of the “openssl verify” command.
This is output I get while verifying three certificates in a chain: minfrin@localhost:~$ openssl verify -issuer_checks -trusted root-ca.crt -untrusted intermediate.crt cert.crt cert.crt: [stuff] error 29 at 0 depth lookup:subject issuer mismatch [stuff] error 29 at 0 depth lookup:subject issuer mismatch [stuff] error 29 at 0 depth lookup:subject issuer mismatch [stuff] error 29 at 0 depth lookup:subject issuer mismatch OK In theory the command just told me everything is ok. In practise, that command told the person running the script that 4 separate errors are present, which obviously in this case is not the case. Is there a way to suppress these spurious messages so I only see actual errors? Regards, Graham — -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
