[gnutls-devel] A certificate is verified by Gnutls but rejected by OpenSSL/PolarSSL
Yuting Chen
chenyt at cs.sjtu.edu.cn
Wed Apr 1 23:15:49 CEST 2015
I made a certificate and verified it using gnutls, openssl, and polarssl.
It can be verified by gnutls, but be rejected the other two due to
certificate signature failures. It is a special case because in many other
cases in my experiment, gnutls tends to "reject" certificates if openssl
"rejects" them. Can anyone help me find the reason (to ensure that gnutls
has checked the signature correctly)?
Openssl: openssl verify -CAfile fa_rootCA_key_cert.pem file.pem
Polarssl: cert_app mode='file' filename=file.pem
ca_file=fa_rootCA_key_cert.pem
Gnutls: certtool -verify
--load-ca-certificate=fa_rootCA_key_cert.pem <file.pem
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150401/b3ba24f1/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: file.pem
Type: application/x-x509-ca-cert
Size: 3080 bytes
Desc: not available
URL: </pipermail/attachments/20150401/b3ba24f1/attachment.crt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fa_rootCA_key_cert.pem
Type: application/x-x509-ca-cert
Size: 1815 bytes
Desc: not available
URL: </pipermail/attachments/20150401/b3ba24f1/attachment-0001.crt>
More information about the Gnutls-devel
mailing list