Re: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 04 Mar 2019 10:06:54 +0100,
Jan Just Keijser wrote:
...
> Having said that, I just created a certificate set to expire on Mar 9 2037 and it passed the
> following command:
>   c:\program files\openvpn\bin\openssl x509 -dates -subject -noout -in mycert.crt
> 
> can you run the same command on the failing certificate?

That's a poor test.  'openssl x509' doesn't verify the certificate,
and the error comes up during verification.  To verify, use 'openssl
verify'.  Here's an example with OpenSSL test files:

    openssl verify -trusted test/certs/root-cert.pem test/certs/ca-cert.pem 

So in Wolfgang's case, I suspect something like this would say more:

    openssl verify -trusted .....ca.crt .....user.crt

Cheers,
Richard

-- 
Richard Levitte         levitte@xxxxxxxxxxx
OpenSSL Project         http://www.openssl.org/~levitte/
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux