(Forwarded to openssl-users) The subjectName of file4.pem matches the issuerName of file3.pem, the signature block in file3.pem, when verified with the public key of file4.pem, gives a correct signature for the tbsCertificate of file3.pem. But Openssl also (incorrectly, IMO) checks that file4.pem.SKI matches file3.pem.AKI, and refuses to go further (here, AKI doesn't match SKI). -- Erwann ABALEA Le 03/04/2015 03:10, Yuting Chen a ?crit : > I used OpenSSL to verify a certificate file (file3.pem) against > another certificate file (file4.pem). OpenSSL reports that it cannot > find the issuer of the cert in file3.pem; while when I displays > file3.pem and file4.pem, it appears that the issuer of the cert in > file3.pem is the same as the subject of the cert in file4.pem. Did I > miss anything? >
