From: Thierry Parmentelat <thierry.parmentelat@inria.fr>
Date: Fri, 13 Jan 2017 12:34:23 +0000 (+0100)
Subject: no change - only notes on using the openssl command line for debugging
X-Git-Tag: sfa-3.1-21~1
X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=commitdiff_plain;h=48c973eac73e55b546f2ee480997a19113d05fd6

no change - only notes on using the openssl command line for debugging
---

diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py
index 5ad616a3..960a387d 100644
--- a/sfa/trust/certificate.py
+++ b/sfa/trust/certificate.py
@@ -35,6 +35,15 @@
 ##
 #
 
+# Notes on using the openssl command line
+#
+# for verifying the chain in a gid, assuming it is split into pieces p1.pem p2.pem p3.pem
+# you can use openssl to verify the chain using this command
+# openssl verify -verbose -CAfile <(cat p2.pem p3.pem) p1.pem
+# also you can use sfax509 to invoke openssl x509 on all parts of the gid
+#
+
+
 from __future__ import print_function
 
 import functools