> From: owner-openssl-us...@openssl.org On Behalf Of David Woodhouse
> Sent: Friday, 22 May, 2009 05:49
> To: openssl-users@openssl.org
> Subject: Re: TLS compatibility problem -- can connect to server with NSS but not OpenSSL.
> 
> On Thu, 2009-05-21 at 22:44 +0100, David Woodhouse wrote:
> > I'm trying to connect to an HTTPS server, and my connection is being
> > rejected when I use a client certificate:
> > [dw...@macbook ~]$ openssl s_client -cert $CERT -connect $SERVER:443
> > -crlf -tls1
> > CONNECTED(00000003)
> > depth=1 /C=US/O=Foo Corporation/CN=Foo Intranet Basic Issuing CA 2A 
> > verify error:num=20:unable to get local issuer certificate verify 
> > return:0 24620:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl 
> > handshake failure:s3_pkt.c:530:
> 
Those errors are run together; there should be different line breaks.

> I've discovered that it works if I also use the '-CAfile' 
> option and give it the appropriate certificate chain. If I 
> use an empty CAfile or one with the wrong certificates in it, 
> the server still hates me.
> 
I don't understand why you got verify return 0 above. In at least 
all 098* that I've used, s_client logs verify errors on the server 
cert (like no-issuer or self-signed) but ignores them and continues. 
However, since s3_pkt:530 is a failure on our end of the handshake, 
maybe it is indeed failing for verification. Or maybe something else,
since according to your Wireshark it certainly does seem the client 
sends the rest of the sequence (cert, keyxch, verify, change, finished?).
I suggest running the client with -state and -msg or probably better 
-debug to get (much) more detailed information about what it's doing.
And check (or ask) if the server logs any helpful error messages.

I assume your $CERT file actually contains cert AND KEY,
otherwise you should have gotten quite different errors.

> But NSS can connect without having to have the certificate 
> chain in place locally. Is there a way to make OpenSSL behave 
> similarly, so that it doesn't upset the server?
> 
Presumably it's not verifying the server, then. That's a local choice 
and doesn't bother the protocol. It's usually not good security practice; 
whether it's acceptable in your application is up to you.



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
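Two of the checks the reply above suggests, that the file given to -cert really holds cert AND key and that the -CAfile chain is not empty, followed by the -state/-msg run, as an added shell example; this is not code from the thread, and the host, port, file names and log name are assumptions:

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check the local PEM files
# before running s_client, then run it with -state and -msg for detail.

# Return 0 if FILE holds both a certificate and a private key, which is
# what "s_client -cert FILE" expects when no separate -key is given.
pem_has_cert_and_key() {
    f=$1
    grep -q -- '-----BEGIN CERTIFICATE-----' "$f" \
        || { echo "no certificate block in $f" >&2; return 1; }
    grep -qE -- '-----BEGIN (RSA |EC |ENCRYPTED )?PRIVATE KEY-----' "$f" \
        || { echo "no private key block in $f" >&2; return 1; }
    return 0
}

# Print how many certificates a CAfile contains; 0 (or a missing file)
# means there is nothing to build the server's chain from, so verification
# of the server certificate cannot succeed with this file.
count_chain_certs() {
    n=$(grep -c -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null || true)
    echo "${n:-0}"
}

# Run s_client against HOST:PORT with the verbose flags from the reply,
# only after the local files pass the checks above. Output goes to LOG
# (assumed name s_client.log) and the lines that matter are echoed back.
s_client_diag() {
    host=$1; port=$2; cert=$3; cafile=$4; log=${5:-s_client.log}
    pem_has_cert_and_key "$cert" || return 1
    [ "$(count_chain_certs "$cafile")" -gt 0 ] \
        || { echo "CAfile $cafile contains no certificates" >&2; return 1; }
    # -tls1 mirrors the command in the original post; drop it if the server
    # no longer offers TLS 1.0.
    openssl s_client -connect "$host:$port" -cert "$cert" -CAfile "$cafile" \
        -tls1 -state -msg </dev/null >"$log" 2>&1
    grep -E 'Verify return code|handshake failure|alert' "$log"
}

# Usage: ./diag.sh HOST PORT CLIENT.pem CHAIN.pem [LOG]
if [ $# -ge 4 ]; then
    s_client_diag "$@"
fi
```

Exit status from `s_client_diag` is the grep's, so a run that shows no verify or alert lines returns non-zero and the full handshake trace remains in the log.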