Same problem apply for cross-certificates which create multiple paths also.
Imagine the expiring CA (expiring within year or two, not expired
already). The organization will create the new one, but want to maintain
transition period for the users. So create two cross certificates - the
public
Same issue has been reported and resolved in #1624.
This report can be closed.
Dan
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.or
About year ago, the apps/x509.c has been patched not to ignore -keyform
during -x509toreq operation.
IMHO it's proper time to patch not to ignore other options as well.
All following text is related to "openssl req -x509toreq" call.
Current behavior:
1. -outform is ignored, PEM format used all
>Synopsis: /dev/crypto broken on FreeBSD
>Class: sw-bug
>OS Release: FreeBSD 6.2-RELEASE-p8 i386
>OpenSSL Release: All OpenSSL releases based on
crypto/engine/eng_cryptodev.c v.1.5 and newer (tested on 0.9.8e)
>Description:
The problem check-in #11541
http://cvs
Stephen Henson via RT wrote:
>>I back-translated the current version of CA.pl back into CA.sh.
...
>> there are no reason for using as strong tool as perl for this simple
task
> There is at least one reason for the perl translation. Some of the many
> platforms OpenSSL compiles on have will h