Hello guys,
I have a problem with X509 certificate and CRL checking.
When using the
X509_CRL_verify(crl, pkey) function (I get an error also
by using the
'openssl crl -CAfile... ' command), I get the following
Error:
7322:error:0407006A:rsa
routines:RSA_padding_check_PKCS1_type_1:block type
On Fri, Jan 14, 2005, Massimiliano Pala wrote:
Hello guys,
I have a problem with X509 certificate and CRL checking.
When using the
X509_CRL_verify(crl, pkey) function (I get an error also
by using the
'openssl crl -CAfile... ' command), I get the following
Error:
I notice there is an duplicate return statement in x509_vfy.c
It causes warnings on our solaris builds:
x509_vfy.c line 479: warning: statement not reached
x509_vfy.c 28 Dec 2004 00:21:32 - 1.70
---
Hi there,
I am trying to play with large serial numbers, however I found that the function
ASN1_INTEGER_get() applied with the following code:
/*--*/
ASN1_INTEGER_get(X509_get_serialNumber(cert));
/*--*/
where 'cert' is the certificate resource, has limited capabilities,
On Fri, Jan 14, 2005, Przemek Michalski wrote:
Hi there,
I am trying to play with large serial numbers, however I found that the
function
ASN1_INTEGER_get() applied with the following code:
/*--*/
ASN1_INTEGER_get(X509_get_serialNumber(cert));
/*--*/
where
Hi OpenSSL developers,
here's the NetBSD donation :-) - see below for a description what's in
there.
I won't claim to understand what's going on, but I can say for sure
that 0.9.7e with the pkgsrc patches builds fine on NetBSD-Sparc64.
regards,
Gert Doering
- Forwarded message from
Dr. Stephen Henson wrote:
[...]
Check to see if the CRL has an authority key id and if so if it matches the
subject key id of the CA you are using. If not then the problem is that the
wong CA and hence wrong public key is being used to verify the CRL signature.
You are right, unfortunately I have
On Sat, Jan 15, 2005, Massimiliano Pala wrote:
Dr. Stephen Henson wrote:
[...]
Check to see if the CRL has an authority key id and if so if it matches the
subject key id of the CA you are using. If not then the problem is that the
wong CA and hence wrong public key is being used to verify
On Tue, 11 Jan 2005 10:15:48 +, John Poltorak wrote:
On Sun, Jan 09, 2005 at 10:05:42PM +0100, Andy Polyakov wrote:
The reason I ask is that up until v0.9.7c came out, it compiled out of the
box. Since then it doesn't. The problem seems to have arisen since the
introduction (or
