Hi Dan,

In message <6.1.2.0.2.20060925094024.0322b008@192.168.0.11> on Mon, 25 Sep 2006 09:50:32 -0600, Dan O'Reilly said:

dano> My CA is another system (Windows) and I requested it to create
dano> the trusted root certificate in PKCS7 format, which I copied to
dano> my VMS system. I can use OPENSSL PKCS7 to view the package
dano> contents, and it contains a single certificate. I then tried to
dano> do an OPENSSL VERIFY on that package, and it keeps coming up
dano> with "NO START LINE" and "EXPECTING: TRUSTED CERTIFICATE"
dano> errors. Finally, I tried "openssl s_clienit -connect
dano> :636 -certfore der -CAfile
dano> and it comes up with the following:

You need to extract the certificate from that PKCS#7 package and use
the resulting file. Since OPENSSL PKCS7 will give you the certificate
in PEM format, the best you can probably do is save that in a .PEM
file, and then use it as follows:

openssl s_client -connect :636 -CAfile .PEM

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte richard@levitte.org
http://richard.levitte.org/

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org