[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems handling X.509 certificates
|
From: |
lfinsto |
|
Subject: |
Re: Problems handling X.509 certificates |
|
Date: |
Mon, 30 Nov 2009 11:11:49 +0100 (CET) |
|
User-agent: |
SquirrelMail/1.4.9a |
Laurence Finston wrote:
> One reason I wanted to try verifying a certificate chain using the library
> functions was because of a problem I'm having with the actual certificates
> I need to use. Verification works in the client and server programs when
> I use certificates generated by `certtool', but it fails when I use my
> certificate from the DFN (Deutsches Forschungsnetz
> (http://www.pki.dfn.de/index.php?id=gridroot) and its root certificate.
> However, it does work to verify them using `certtool -e'. Does anyone
> have an idea what the reason for this could be?
Never mind, I found the problem: I had extracted the private key using
`openssl pkcs12 -nocerts -in usercred.p12 -out userkey.pem' so that key
was encrypted. It worked after I extracted an unencrypted key using the
`-nodes' option.
Thanks,
Laurence
Laurence Finston
Gesellschaft fuer wissenschaftliche Datenverarbeitung mbH
Am Fassberg 11
37077 Goettingen
Telefon: +49 551 201-1882
E-Mail: address@hidden