Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Is there a script that uses openssl to verify the certificates in the certificate chain or some tool? #2826

Open
PrakashK94 opened this issue Sep 4, 2024 · 4 comments
Labels
question Further information is requested

Comments

@PrakashK94
Copy link

No description provided.

@steven-bellock steven-bellock added the question Further information is requested label Sep 4, 2024
@steven-bellock
Copy link
Contributor

openssl verify will verify / validate a certificate chain. I have also thought that https://github.com/DMTF/SPDM-Responder-Validator should have a standalone SPDM certificate chain validation tool, so that folks can validate their certificate chains to the SPDM specification without having to construct a full Responder.

@PrakashK94
Copy link
Author

Any other tool available?
Have you ever verified it using openssl verify tool? Can you share an example?

@steven-bellock
Copy link
Contributor

Any other tool available?

Probably? Most folks use OpenSSL because it's free and comes pre-installed on a lot of Linux distributions.

Can you share an example?

libspdm/unit_test/sample_key/rsa2048>cat ca.cert inter.cert end_responder.cert > chain.cert
libspdm/unit_test/sample_key/rsa2048>openssl verify -CAfile ca.cert chain.cert
chain.cert: OK

@steven-bellock
Copy link
Contributor

@PrakashK94 if this answered your question please close the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants