Hi Alan,
I'm unable to reproduce that by simply putting cruft before the
'-----BEGIN CERTIFICATE-----' line.
If you can you provide me with a certificate file producing the error
I'd be happy to look into it.
Thanks,
Linus
Sam Hartman <[log in to unmask]> wrote
Wed, 5 Feb 2014 07:04:42 -0500:
| In general, openssl applications are expected to deal with other stuff
| in pem files besides the PEM blob.
| Common case is a key and cert in the same file.
|
|
| From: [log in to unmask]
| Subject: Re: Workshop
| To: [log in to unmask]
| Cc: [log in to unmask], [log in to unmask], [log in to unmask],
| [log in to unmask], [log in to unmask], [log in to unmask],
| [log in to unmask], [log in to unmask]
| Date: Wed, 5 Feb 2014 11:47:03 +0000 (5 weeks, 5 days, 1 hour ago)
|
| Hi,
|
| > Thanks to Alan B and Rhys for the Debian instructions, which worked
| almost perfectly for CentOS as well (I have since realised that there
| were some steps I missed, amongst them the concatenation of the
| certs).
|
| ah....reminds me... it appears that the radsec lib doesnt like 'other stuff' in the cert files. thats broken..
| SSL utils/tools etc should only care about the BEGIN and END lines and deal with stuff between...and not expect
| those BEGIN lines to be at start of file. people shouldnt need to massage their cert files during concatentation
|
| alan
| ----------
|