[MacPorts] #46596: openssl-1.0.1k breaks certificate signature verification
MacPorts
noreply at macports.org
Sat Jan 17 09:32:38 PST 2015
#46596: openssl-1.0.1k breaks certificate signature verification
---------------------+--------------------------------
Reporter: uri@… | Owner: macports-tickets@…
Type: defect | Status: new
Priority: High | Milestone:
Component: ports | Version: 2.3.3
Keywords: openssl | Port: openssl
---------------------+--------------------------------
Current openssl-1.0.1k_0 port breaks certificate signature verification:
{{{
$ openssl version
OpenSSL 1.0.1k 8 Jan 2015
$ openssl verify -CAfile RabbitMQ_Test_CA.pem -verbose RabbitMQ_Test.pem
RabbitMQ_Test.pem: CN = RabbitMQ_Test, C = US
error 7 at 0 depth lookup:certificate signature failure
$ /usr/bin/openssl version
OpenSSL 0.9.8za 5 Jun 2014
$ /usr/bin/openssl verify -CAfile RabbitMQ_Test_CA.pem -verbose
RabbitMQ_Test.pem
RabbitMQ_Test.pem: OK
$
}}}
Needless to say, certificates in question are correct and work fine
elsewhere. They also validate just fine on the same machine/platform (Mac
OS X 10.9.5 and Xcode-6.1.1) using native openssl port, as shown above.
One certificate that demonstrates this problem is attached, together with
its CA cert.
This is a critical problem.
--
Ticket URL: <https://trac.macports.org/ticket/46596>
MacPorts <https://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list