Re: cert chain file ordering question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The certs are built into a stack... they are pushed... so element 0 is the last thing in the list.
The chain starts with 0, and then can search the rest.


On Tue, Jan 9, 2018 at 2:55 PM, Norm Green <norm.green@xxxxxxxxxxxxxxxxxx> wrote:
On 1/9/2018 6:03 AM, Benjamin Kaduk wrote:
Did you try something like (with a 1.1.0 installation):

openssl verify -CAfile RootCA.pem -untrusted chain.pem chain.pem

with the leaf certificate as the first one in chain.pem?

 Same result. The only way it seems to work is if the leaf cert appears at the end of the file.

Norm


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux