[Pkg-openssl-devel] Bug#375834: openssl bug
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Tue Jan 10 20:41:58 UTC 2017
On 2006-06-28 13:55:18 [+0200], jan at roesner.it wrote:
> The verification of CRL's does not work correctly. What happens is:
>
> $>openssl crl -inform PEM -in ca-1.crl.pem -CAfile ca-1.pem -noout
> $>verify OK
>
> Then I try :
>
> $>openssl crl -inform PEM -in ca-1.crl.pem -CAfile ca-2.pem -noout
> $>verify OK
>
> But ca-1.pem and ca-2.pem are completely different certificates. In
> Version 0.9.7i this error did not occur. Please fix.
Does this still happen and does it happen if you add
-no-CAfile -no-CApath
to the check? I assume that the CAfile you specified is ignored because
the default CA matches.
> Thx in advance
> Jan Roesner
> jan at roesner.it
Sebastian
More information about the Pkg-openssl-devel
mailing list