[openssl-users] Fwd to openssl-users Re: [openssl-dev] Why the issuer cannot be found?
Erwann Abalea
erwann.abalea at opentrust.com
Fri Apr 3 08:56:54 UTC 2015
(Forwarded to openssl-users)
The subjectName of file4.pem matches the issuerName of file3.pem, the
signature block in file3.pem, when verified with the public key of
file4.pem, gives a correct signature for the tbsCertificate of file3.pem.
But Openssl also (incorrectly, IMO) checks that file4.pem.SKI matches
file3.pem.AKI, and refuses to go further (here, AKI doesn't match SKI).
--
Erwann ABALEA
Le 03/04/2015 03:10, Yuting Chen a écrit :
> I used OpenSSL to verify a certificate file (file3.pem) against
> another certificate file (file4.pem). OpenSSL reports that it cannot
> find the issuer of the cert in file3.pem; while when I displays
> file3.pem and file4.pem, it appears that the issuer of the cert in
> file3.pem is the same as the subject of the cert in file4.pem. Did I
> miss anything?
>
More information about the openssl-users
mailing list