Terry,
It is not a problem with your certificates, it is a problem with the
server certificates. It would be hard to guess what the problem might be
without more information. It could be as simple as your failing to provide
OpenSSL with a set of trusted root certificates. If you want to bypass
authentication JUST FOR TESTING PURPOSES, you can do so by calling
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE). But note that any connections made
are not authenticated, but they are enrcrypted.
_____________________________________
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_____________________________________
----- Original Message -----
From: "Terry Bird" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 25, 2001 9:10 PM
Subject: Is this a certificate problem?
>
>
> Hi,
>
> Im new to SSL and Im having trouble with RC4-128 encrypted sites. Im
hoping
> that its just be a problem with my certificates. If I force it to bypass
> this code its okay:
>
>
> i=ssl_verify_cert_chain(s,sk);
> if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
> {
> al=ssl_verify_alarm_type(s->verify_result);
>
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
> goto f_err;
> }
>
>
> This code is in the function ssl3_get_server_certificate(), in the file
> s3_clnt.c.
>
> So, does this look like a certificate problem?
>
>
> Thanks for any help.
>
>
> Terry
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
