这是一个创建于 3638 天前的主题,其中的信息可能已经有所发展或是发生改变。
根据ocser的官方教程,我创建好ca server以及client证书,并通过
certtool --verify --load-ca-certificate ../ca-cert.pem --infile user-cert.pem
Loaded 1 certificates, 1 CAs and 0 CRLs
Subject: CN=marlonlu,OU=admins
Issuer: CN=digitalocean CA,O=digital ocean
Checked against: CN=digitalocean CA,O=digital ocean
Output: Verified. The certificate is trusted.
Chain verification output: Verified. The certificate is trusted.
验证user-cert.pem是有效并且可行的证书,但为什么我把user-cert.pem导出p12格式的证书,ocserv反而提示
GnuTLS error (at worker-vpn.c:732): No certificate was found
我利用上一条命令去校验p12证书时:
certtool --verify --load-ca-certificate ../ca-cert.pem --infile key.p12
校验p12格式的证书,也是提示类似问题
error parsing CRTs: No certificate was found