On 26/07/2016 16:09, Piotr Panasewicz wrote: > Hi, > > There?s seems to be no good explanation on the website on how to build OpenSSL with CA certificates so I thought I?ll give a try here. > I?ve copied all the CA certs I have to the certs folder and built, unfortunately I still get certificate validation errors with the library I uses (it links to OpenSSL dynamically). > I have all the CA certs in pem format, should I include some kind of flag or do something else? > > Thanks in advance, > Peter > > You also need to create the relevant symlinks with the c_rehash script or equivalent. This is documented in the c_rehash manpage included in OpenSSL (in doc/apps/c_rehash.pod before compiling). If a single /etc/cert directory is shared by OpenSSL 0.9.x and OpenSSL 1.0.x, you will need symlinks for both the old and new digest formulas. Like this: c_rehash /etc/certs # Only do this second step if OpenSSL 0.9.x is sharing the directory with 1.0.x # (Situation with OpenSSL 1.1.x is unknown): c_rehash -n -old /etc/certs Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded
