[openssl-users] [openssl-dev] X509_verify() error - block type is not 01
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Jun 22 03:31:39 UTC 2015
On Mon, Jun 22, 2015 at 08:57:08AM +0530, Nayna Jain wrote:
> What will X509_verify() will verify if I pass it public key.
It checks the signature of the certificate using the supplied key.
> I mean does it check the private key with which certificate was signed, or
> the public key which this certificate signs.
It checks whether the given key *signed* the certificate. It does
not examine the key in the certificate (the subject public key).
> Sorry, I think I am still bit not clear on purpose of the API.
X509_verify() verifies the certificate signature via the issuer
public key.
--
Viktor.
More information about the openssl-users
mailing list