#37 package included certificates are invalid

open
nobody
None
5
2008-04-16
2008-04-16
Erik Leunissen
No

Verifying the signatures in the certificates server.pem and client.pem fails (see below).
That in turn would mean that none of the package tests exercise the TLS handshake (otherwise they would have failed). I can't imagine that that's intended.

> openssl
OpenSSL> verify -CAfile ca.pem server.pem
server.pem: /C=CA/ST=British Columbia/L=Vancouver/O=Sample Certs Intl
error 18 at 0 depth lookup:self signed certificate
/C=CA/ST=British Columbia/L=Vancouver/O=Sample Certs Intl
error 7 at 0 depth lookup:certificate signature failure
6714:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
6714:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:699:
6714:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:168:
OpenSSL> verify -CAfile ca.pem client.pem
client.pem: /C=CA/ST=British Columbia/L=Vancouver/O=Sample Certs Intl
error 18 at 0 depth lookup:self signed certificate
/C=CA/ST=British Columbia/L=Vancouver/O=Sample Certs Intl
error 7 at 0 depth lookup:certificate signature failure
6714:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
6714:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:699:
6714:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:168:
OpenSSL> exit

Discussion