Hello,
I am trying to create a signed client certificate, but when I execute the
command
openssl ca -in req.pem -out newcert.pem
The newcert.pem file is created but it is created as an empty file.
Here is what I see on the display:
/openssl-engine-0.9.6g/apps openssl ca -in req.pem -out
Hi
your should check openssl.cnf file find policy section and change your
countryName = match to something like this supplied or optional depends on
policy
Anton
-Original Message-
From: MikeCC [mailto:mikecc;atrek.org]
Sent: Wednesday, October 30, 2002 07:02
To: [EMAIL PROTECTED]
Subject:
Hi everybody,
OpenSSL 0.9.7b3 tells me error=24 (invalid CA certificate) in the
verify_callback when I use a certificate chain where the CAs are X509
version 1 (i.e. they are missing the X509v3 extension that says that
the CA certificate is good for signing other public keys).
I checked the
Edward Chan wrote:
Hmm, so does that mean with the SUN Crypto Accelerator
1000 card, we would specify ubsec when initializing
the engine?
I tried
openssl speed -engine ubsec
but it complained as with any other engine id:
can't use that engine
4683:error:25067066:DSO support
On Wed, Oct 30, 2002, Joerg Bartholdt wrote about Re: SUN Crypto Accelerator +
OpenSSL:
Edward Chan wrote:
Hmm, so does that mean with the SUN Crypto Accelerator
1000 card, we would specify ubsec when initializing
the engine?
I tried
openssl speed -engine ubsec
but it complained
Mike...
In the log you send shows:
-The countryName field needed to be the same in the
-CA certificate (AU) and the request (US)
that's mean that you have in your configuration file (openssl.cnf)
a sentence that don't let that the CA authority be from another country
that the country of the
Howard,
My understanding is that there is no implied
relationship between the request and response signing certificates and any
certificates being verified. The
request and response certificates just need to be verifiable on their own by
the recipient. That assures that
the request or
Hi,
There is reference to ISO 15782-2 standard in the X.509 and X9.68
documentation. This standard describes certificate verification
process. I try to find this document, but meet only payd links. The
price of 122 CHF is so expencive. Can anybody help me with this
document?
--
Andrew
on 10/29/02 11:44 AM, [EMAIL PROTECTED] purportedly said:
I've just found another post on the ml archives
concerning my problem, but didn't find any reply, so:
root@hwsx:~/.cpan/build/Crypt-SSLeay-0.45# make test
PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib
This is a general problem with the ISO documentation. The IETF
response was to generate a profile of X.509 for use in the
Internet; this document was also designed to give readers enough
information to skip reading the ISO document itself.
Suggest you read this document:
Internet X.509 Public
RFC2459 was obsoleted by RFC3280 - so just read this one.
Regards, Jochen.
This is a general problem with the ISO documentation. The IETF
response was to generate a profile of X.509 for use in the
Internet; this document was also designed to give readers enough
information to skip reading
11 matches
Mail list logo
