> From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
> Sent: Tuesday, 14 August, 2012 08:09
> > if your self-signed cert has a KeyUsage extension that does
> > not include certSign,
> > OpenSSL skips it for chain-building, resulting in verify 20.
>
> Looks like the latter to me. P
ha1WithRSAEncryption
-END CERTIFICATE-
Charles
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Monday, August 13, 2012 7:09 PM
To: openssl-users@openssl.org
Subject: RE: CA for IIS-issued s
> From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
> Sent: Saturday, 11 August, 2012 08:57
> I wondered if perhaps there were path or filename
> specification problems
> (need to escape backslashes? a problem with embedded spaces?) but I
> eliminated all of those variables -- put
..@mcn.org]
Sent: Friday, August 10, 2012 8:54 PM
To: 'openssl-users@openssl.org'
Subject: RE: CA for IIS-issued self-signed certificate?
> If you ... subsequently call set_default_verify_paths, the later call
overrides and
> (only) the default file and/or directory are used.
Than
> If you ... subsequently call set_default_verify_paths, the later call
overrides and
> (only) the default file and/or directory are used.
Thanks. I wondered about that. I commented it out though and still get
exactly the same result.
I also added a certificate verify callback. I come through the
> From: owner-openssl-us...@openssl.org On Behalf Of CharlesTSR
> Sent: Friday, 10 August, 2012 16:48
> Please bear with me; I'm a real SSL newbie. I am attempting
> to develop my
> first SSL program, an SSL/TLS client that will communicate
> with a commercial
> SSL server product (Kiwi Server)