[Fixed] Expired CA - clients can't connect / again
Posted: Fri May 24, 2019 7:04 am
Hi there.
I went into the same issue with the expired CA which is mentioned here: viewtopic.php?f=22&t=18671
However, the suggested method does not work for me:
I noticed the key-size changed from 1024 to 2048:
ca.crt
ca_new.crt
It'd be great if someone could give me some hints.
Thanks!
I went into the same issue with the expired CA which is mentioned here: viewtopic.php?f=22&t=18671
However, the suggested method does not work for me:
Code: Select all
# openssl verify -CAfile ca.crt test.crt
C = ...
error 10 at 1 depth lookup: certificate has expired
C = ...
error 10 at 0 depth lookup: certificate has expired
error test.crt: verification failed
# openssl x509 -in ca.crt -days 36500 -out ca_new.crt -signkey ca.key
# openssl verify -CAfile ca_new.crt test.crt
C ...
error 7 at 0 depth lookup: certificate signature failure
error test.crt: verification failed
140120692352832:error:04091077:rsa routines:int_rsa_verify:wrong signature length:crypto/rsa/rsa_sign.c:132:
140120692352832:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:crypto/asn1/a_verify.c:171:
ca.crt
Code: Select all
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Code: Select all
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Thanks!