Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-certificate-manager / 8f60085ebdbffd054ebe0e76d57b90e6bad7c838
commit8f60085ebdbffd054ebe0e76d57b90e6bad7c838[log] [tgz]
authorJayanth Othayoth <ojayanth@in.ibm.com>Mon Oct 08 20:44:45 2018 -0500
committerJayanth Othayoth <ojayanth@in.ibm.com>Mon Oct 15 08:56:12 2018 -0500
tree0de8cf9761638636d3e816a9df7bca71980a4a57
parent9abfae88195b9d177fde85b0af06c1310e9509c5 [diff]
Ignore trust-chain related errors during certificate upload

This patch allow user to upload CA signed certificate file
with out CA certificate in the certificate store or in the chain.

Ignore trust chain related errors during openssl based verification.

Trust chain error info:
    X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
    X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
    X509_V_ERR_CERT_UNTRUSTED
    X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE

Change-Id: I86d00947c0c581afcfa34fc238155f8c7a05971c
Signed-off-by: Jayanth Othayoth <ojayanth@in.ibm.com>
1 file changed
tree: 0de8cf9761638636d3e816a9df7bca71980a4a57
  1. test/
  2. .clang-format
  3. .gitignore
  4. argument.cpp
  5. argument.hpp
  6. bootstrap.sh
  7. certs_manager.cpp
  8. certs_manager.hpp
  9. configure.ac
  10. LICENSE
  11. mainapp.cpp
  12. Makefile.am
  13. README.md
README.md

phosphor-certificate-manager

Certificate management allows to replace the existing certificate and private key file with another (possibly CA signed) Certificate key file. Certificate management allows the user to install both the server and client certificates.

To Build

To build this package, do the following steps:

    1. ./bootstrap.sh
    2. ./configure ${CONFIGURE_FLAGS}
    3. make

To clean the repository run `./bootstrap.sh clean`.