Hello, it seems that there are some incompatibilities out there. For some hosts establishing a SSL connection fails, when using openssl, but it succeeds when using a browser. This in one example:
F:\openssl>openssl.exe s_client -connect bshop.esprit.com:443 Loading 'screen' into random state - done CONNECTED(00000778) depth=1 /C=GB/O=Comodo Limited/OU=Comodo Trust Network/OU=Terms and Conditions of use: http://www.comodo.net/repository/OU=(c)2002 Comodo Limited/CN=Comodo Class 3 Security Services CA verify error:num=20:unable to get local issuer certificate verify return:0 3056:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:.\crypto\rsa\rsa_pk1.c:100: 3056:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\c rypto\rsa\rsa_eay.c:580: 3056:error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature:.\ssl\s3_cl nt.c:1189: I have seen the "RSA_padding_check_PKCS1_type_1" when verifying a CRL, too. Can anybody explain it and give me a hint how I can connect with openssl to that host? Maybe there is a compatibility switch? Thanks Jan ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
