openssl verify command doesn't work

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

openssl verify command doesn't work

CAMPETTO CLAUDIO
>>>>openssl version
openssl 1.0.2k-fips

>>>>man verify
VERIFY(1)                                                                                   OpenSSL                                                                                   VERIFY(1)

NAME
       verify - Utility to verify certificates.

SYNOPSIS
       openssl verify [-CApath directory] [-CAfile file] [-trusted_first] [-purpose purpose] [-policy arg] [-ignore_critical] [-attime timestamp] [-check_ss_sig] [-crlfile file]
       [-crl_download] [-crl_check] [-crl_check_all] [-policy_check] [-explicit_policy] [-inhibit_any] [-inhibit_map] [-x509_strict] [-extended_crl] [-use_deltas] [-policy_print]
       [-no_alt_chains] [-allow_proxy_certs] [-untrusted file] [-help] [-issuer_checks] [-trusted file] [-verbose] [-] [certificates]


>>>>openssl verify -CAfile CATest2.cacert.pem -crl_check -crlfile CATest2.crl.pem testrinnovo1_nuovo.pem

usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check] [-no_alt_chains] [-attime timestamp] [-engine e] cert1 cert2 ...




It seems a lot of options are missing...
________________________________

Le informazioni contenute in questo messaggio di posta elettronica sono da considerarsi riservate e confidenziali. Il loro utilizzo è consentito esclusivamente al destinatario in indirizzo e ne è vietata la diffusione in qualunque modo eseguita, salvo che ne sia data espressa autorizzazione dal mittente. Nel caso in cui il messaggio Le fosse pervenuto per errore, La invitiamo gentilmente ad eliminarlo in modo permanente dopo averne dato tempestiva comunicazione al mittente e a non utilizzare in alcun caso il suo contenuto. Qualsivoglia utilizzo non autorizzato di questo messaggio e dei suoi eventuali allegati espone il responsabile alle relative conseguenze civili e penali.

This communication is confidential and the use of the contained information is allowed solely for the intended recipient. Its disclosure, distribution or copying is prohibited, unless expressly authorized by the sender. If you receive this communication by mistake please notify us and delete the message and its attachments. Anyone responsible for the unauthorized use of this message and its attachments is liable to face legal consequences.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: openssl verify command doesn't work

Viktor Dukhovni


> On Mar 2, 2018, at 9:49 AM, CAMPETTO CLAUDIO <[hidden email]> wrote:
>
>>>>> openssl verify -CAfile CATest2.cacert.pem -crl_check -crlfile CATest2.crl.pem testrinnovo1_nuovo.pem
>
> usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check] [-no_alt_chains] [-attime timestamp] [-engine e] cert1 cert2 ...

Thanks for the report.  The documentation is slated to be fixed
via https://github.com/openssl/openssl/pull/5492

In the meantime, use "-CRLfile", which is the correction option name
(case convention analogous to "-CAfile" and "-CApath", ...).

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

R: openssl verify command doesn't work

CAMPETTO CLAUDIO
Thanks

-----Messaggio originale-----
Da: openssl-users [mailto:[hidden email]] Per conto di Viktor Dukhovni
Inviato: venerdì 2 marzo 2018 16:38
A: [hidden email]
Oggetto: Re: [openssl-users] openssl verify command doesn't work



> On Mar 2, 2018, at 9:49 AM, CAMPETTO CLAUDIO <[hidden email]> wrote:
>
>>>>> openssl verify -CAfile CATest2.cacert.pem -crl_check -crlfile
>>>>> CATest2.crl.pem testrinnovo1_nuovo.pem
>
> usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check] [-no_alt_chains] [-attime timestamp] [-engine e] cert1 cert2 ...

Thanks for the report.  The documentation is slated to be fixed via https://github.com/openssl/openssl/pull/5492

In the meantime, use "-CRLfile", which is the correction option name (case convention analogous to "-CAfile" and "-CApath", ...).

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
________________________________

Le informazioni contenute in questo messaggio di posta elettronica sono da considerarsi riservate e confidenziali. Il loro utilizzo è consentito esclusivamente al destinatario in indirizzo e ne è vietata la diffusione in qualunque modo eseguita, salvo che ne sia data espressa autorizzazione dal mittente. Nel caso in cui il messaggio Le fosse pervenuto per errore, La invitiamo gentilmente ad eliminarlo in modo permanente dopo averne dato tempestiva comunicazione al mittente e a non utilizzare in alcun caso il suo contenuto. Qualsivoglia utilizzo non autorizzato di questo messaggio e dei suoi eventuali allegati espone il responsabile alle relative conseguenze civili e penali.

This communication is confidential and the use of the contained information is allowed solely for the intended recipient. Its disclosure, distribution or copying is prohibited, unless expressly authorized by the sender. If you receive this communication by mistake please notify us and delete the message and its attachments. Anyone responsible for the unauthorized use of this message and its attachments is liable to face legal consequences.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users