Problems handling X.509 certificates
lfinsto at gwdg.de
lfinsto at gwdg.de
Mon Nov 30 11:11:49 CET 2009
Laurence Finston wrote:
> One reason I wanted to try verifying a certificate chain using the library
> functions was because of a problem I'm having with the actual certificates
> I need to use. Verification works in the client and server programs when
> I use certificates generated by `certtool', but it fails when I use my
> certificate from the DFN (Deutsches Forschungsnetz
> (http://www.pki.dfn.de/index.php?id=gridroot) and its root certificate.
> However, it does work to verify them using `certtool -e'. Does anyone
> have an idea what the reason for this could be?
Never mind, I found the problem: I had extracted the private key using
`openssl pkcs12 -nocerts -in usercred.p12 -out userkey.pem' so that key
was encrypted. It worked after I extracted an unencrypted key using the
`-nodes' option.
Thanks,
Laurence
Laurence Finston
Gesellschaft fuer wissenschaftliche Datenverarbeitung mbH
Am Fassberg 11
37077 Goettingen
Telefon: +49 551 201-1882
E-Mail: lfinsto at gwdg.de
More information about the Gnutls-help
mailing list