NTS: removed "not implemented" on server ca
Achim Gratz
Stromeko at nexgo.de
Wed Apr 3 18:23:37 UTC 2019
Gary E. Miller via devel writes:
>> I think openssl is expecting the root cert.
OpenSSL expects a PKI directory (in which each cert has to have a
certain filename so it doesn't have to read all files each time) or a
bundle file with all the certs concatenated.
> And in the case of ostfalia, I only could get their root cert becuase I
> was talking to the guy. Much more common case is I just have the end
> cert.
If you can't get the root cert, you cannot validate anything that has
this root as the trust anchor. A root cert is nothing but a normal cert
that is signed by the same public key that it certifies (plus some
metadata around it). It's a "root" cert because there is no further way
of verifying it.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
SD adaptations for KORG EX-800 and Poly-800MkII V0.9:
http://Synth.Stromeko.net/Downloads.html#KorgSDada
More information about the devel
mailing list