<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
I'm running in a linux-elf environment as the su.<br>
<br>
when I run "make tests" at the tail end of the tests I get some
errors about expired certificates:<br>
<br>
<br>
testing pkcs7 conversions<br>
p -> d<br>
p -> p<br>
d -> d<br>
p -> d<br>
d -> p<br>
p -> p<br>
testing pkcs7 conversions (2)<br>
p -> d<br>
p -> p<br>
d -> d<br>
p -> d<br>
d -> p<br>
p -> p<br>
The following command should have some OK's and some failures<br>
There are definitly a few expired certificates<br>
../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo
../certs/demo/*.pem<br>
../certs/demo/ca-cert.pem: C = AU, ST = Queensland, O = CryptSoft
Pty Ltd, CN = Test CA (1024 bit)<br>
error 20 at 0 depth lookup:unable to get local issuer certificate<br>
../certs/demo/dsa-ca.pem: C = AU, ST = Some-State, O = Internet
Widgits Pty Ltd, CN = CA<br>
error 20 at 0 depth lookup:unable to get local issuer certificate<br>
3077822616:error:0B06E06B:x509 certificate
routines:X509_get_pubkey_parameters:unable to find parameters in
chain:x509_vfy.c:1966:<br>
../certs/demo/dsa-pca.pem: C = AU, ST = Some-State, O = Internet
Widgits Pty Ltd, CN = PCA<br>
error 18 at 0 depth lookup:self signed certificate<br>
C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = PCA<br>
error 10 at 0 depth lookup:certificate has expired<br>
OK<br>
../certs/demo/pca-cert.pem: C = AU, ST = Queensland, O = CryptSoft
Pty Ltd, CN = Test PCA (1024 bit)<br>
error 18 at 0 depth lookup:self signed certificate<br>
C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024
bit)<br>
error 10 at 0 depth lookup:certificate has expired<br>
OK<br>
<u>make[1]: *** [test_verify] Error 2</u><u><br>
</u><u>make[1]: Leaving directory
`/home/rhermann/src/OpenSSLWork/test'</u><u><br>
</u><u>make: *** [tests] Error 2</u><u><br>
</u>[root@rhlinuxdev OpenSSLWork]#<br>
<br>
<br>
<br>
what do the underlined statements mean ? is there an expired
certificate that needs to get updated ? <br>
<br>
<br>
Rob Hermann<br>
<br>
<br>
<br>
<br>
</body>
</html>