Thanks. it works. Jeff
Dr S N Henson wrote:
>
>Jeff Smith wrote:
> >
> > ... and using -verbose option, the step (3) verify would produce:
> >
> > % openssl verify -verbose -CAfile ca.crt -untrusted ca2.crt user.crt
> >
> > error 18 at 0 depth lookup:self signed certificate
> > error 7 at 0 depth
Jeff Smith wrote:
>
> ... and using -verbose option, the step (3) verify would produce:
>
> % openssl verify -verbose -CAfile ca.crt -untrusted ca2.crt user.crt
>
> error 18 at 0 depth lookup:self signed certificate
> error 7 at 0 depth lookup:certificate signature failure
> 21970:error:0407006
... and using -verbose option, the step (3) verify would produce:
% openssl verify -verbose -CAfile ca.crt -untrusted ca2.crt user.crt
error 18 at 0 depth lookup:self signed certificate
error 7 at 0 depth lookup:certificate signature failure
21970:error:0407006A:rsa routines:RSA_padding_check_P
I forgot to mention that I could successfully verify ca2.crt after step (2)
using
% openssl verify -CAfile ca.crt ca2.crt
clnt1.crt: OK
In addition to the question I had, I am wondering if there is any
workaround. What I need is a 2-level ca hierarchy.
Thanks - Jeff
Jeff Smith wrote:
>
>
