[openssl-users] cert chain file ordering question
Norm Green
norm.green at gemtalksystems.com
Wed Jan 10 18:04:34 UTC 2018
On 1/9/18 19:32, Viktor Dukhovni wrote:
> This Key Usage is more appropriate. When the "Key Usage" is present in
> a CA certificate, it*MUST* include "Certificate Sign".
That was indeed the problem. Thank you!! It seems strange to me that
OpenSSL will allow creation of a CA cert (CA:TRUE) that may not be used
to sign other certs.
I appreciate your help Viktor.
Norm
P.S. Seems you didn't need machine-readable certificates to help me
after all ;-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180110/348fd24f/attachment.html>
More information about the openssl-users
mailing list