no change - only notes on using the openssl command line for debugging

author Thierry Parmentelat <thierry.parmentelat@inria.fr>

Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)

committer Thierry Parmentelat <thierry.parmentelat@inria.fr>

Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)
author Thierry Parmentelat <thierry.parmentelat@inria.fr>
Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)
committer Thierry Parmentelat <thierry.parmentelat@inria.fr>
Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)
diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py

index 5ad616a..960a387 100644 (file)
--- a/sfa/trust/certificate.py
+++ b/sfa/trust/certificate.py
@@ -35,6 +35,15 @@
  ##
  #
  
+# Notes on using the openssl command line
+#
+# for verifying the chain in a gid, assuming it is split into pieces p1.pem p2.pem p3.pem
+# you can use openssl to verify the chain using this command
+# openssl verify -verbose -CAfile <(cat p2.pem p3.pem) p1.pem
+# also you can use sfax509 to invoke openssl x509 on all parts of the gid
+#
+
+
  from __future__ import print_function
  
  import functools
author	Thierry Parmentelat <thierry.parmentelat@inria.fr>
	Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)
committer	Thierry Parmentelat <thierry.parmentelat@inria.fr>
	Fri, 13 Jan 2017 12:34:23 +0000 (13:34 +0100)