On Fri, Jun 06, 2003, rajagopalan ramanujam wrote:
> hi,
>
> I exported thawte server CA and verisign class3
> certificates from the browser for testing and
> converted to C structure using x509 -C -in xxx.cer >
> xxx.C and added to my SSL client. Following is the
> code below.
>
> I am calling this function in a loop to load the
> certificates:
>
> unsigned char thawte_cert[791] = {
> 0x30,0x82...};
>
> unsigned char verisign_cert[576] = {
> 0x30,0x82...};
>
>
> SSL_load_cert(ctx,thawte_cert,791);
> SSL_load_cert(ctx,verisign_cert,576);
>
>
> SSL_load_cert(SSL_CTX *ctx,char *c,int size)
> {
> x = d2i_X509(NULL,&c,size);
> cert_store = SSL_CTX_get_cert_store(ctx);
> X509_STORE_add_cert(cert_store,x);
> return;
> }
>
> I verified the same certificates in .pem format using
> openssl s_client and its connects to
> www.paypal.com..but when i connect from my client it
> gives X509_V_ERR_CERT_SIGNATURE_FAILURE.
>
> If i try connecting to www.thwate.com:443 it works but
> it gives the same error when i am trying to connect to
> other servers with thawte signed certificates.
>
>
> Can anyone plese let me know what's going on....
>
Well I could say read the FAQ...
Alternatively since I'm feeling in a good mood I'll say its probably a missing
OpenSSL_add_all_algorithms(). With appologies in advance if it isn't :-)
Steve.
--
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
