Jks converted to Pem error in veirfying

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Jan,
Thanks for you reply.  I have sent you the mail with the certificates.  The
version is.
OpenSSL 0.9.8k 25 Mar 2009

?Regards
Anil?


















Sent with MailTrack
<https://mailtrack.io/install?source=signature&lang=en&referral=anilmathew001 at gmail.com&idSignature=22>

On Tue, Jan 12, 2016 at 2:02 AM, Jan Just Keijser <janjust at nikhef.nl> wrote:

> Hi,
>
> On 10/01/16 05:15, Anil Mathew wrote:
>
> I am a novice in terms of ssl and hence have limited knowledge in this.
> Please help
>
> I have been a given a jks file that has server certificate, client
> certificate and a key for the client certificate.  I need to convert it to
> pem to use it in my application.
>
> I have converted a jks file to p12 and then to pem.
> However when i try to verify i get the following error.
>
> echo |openssl verify -verbose -purpose sslclient -issuer_checks -CApath
> C:\Data\Openssl\demoCA\certs -CAfile client.pem client.pem
> client.pem: /CN=cn/O=o/L=L/ST=il/C= c
> error 29 at 0 depth lookup:subject issuer mismatch
> /CN=cn/O=o/L=L/ST=il/C= c
> error 29 at 0 depth lookup:subject issuer mismatch
> /CN=cn/O=o/L=L/ST=il/C= c
> error 29 at 0 depth lookup:subject issuer mismatch
> /CN=cn/O=o/L=L/ST=il/C= c
> error 29 at 0 depth lookup:subject issuer mismatch
> /CN=cn/O=o/L=L/ST=il/C= c
> error 20 at 0 depth lookup:unable to get local issuer certificate
>
>
> this could be a PRINTABLE_STRING  / UTF8_STRING mismatch - can you send me
> the certificates (not the key!) via private email and I will have a look.
> There are some funky options you can add to openssl to see how the
> certificate is composed.
>
> Also, it would help to list the exact version of openssl that you are
> using (run 'openssl version').
>
> HTH,
>
> JJK
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>


-- 
Best Regards
Anil Mathew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160112/131c9f7e/attachment.html>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux