Certificates that work on RHEL 7 cannot be verified on RHEL 8
Issue
- Certificates created by a Certificate Authority (CA) cannot be successfully verified on RHEL 8 while there are no issues on RHEL 7.
-
RHEL 7
# openssl verify -verbose -CAfile cacert.crt example.crt example.crt: OK
-
RHEL 8
# openssl verify -verbose -CAfile=cacert.crt example.crt C = GB, O = Example Ltd., OU = Example Ltd. Certificates, CN = Example Certificate error 7 at 0 depth lookup: certificate signature failure error example.crt: verification failed 140449106233152:error:04091068:rsa routines:int_rsa_verify:bad signature:crypto/rsa/rsa_sign.c:228: 140449106233152:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:crypto/asn1/a_verify.c:179:
Environment
- Red Hat Enterprise Linux 8
openssl-1.1.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.