On 1/12/2011 3:19 PM, Jijo wrote:
Hi All,
I hope this a basic question for you guys..
I'm trying to setup TLS connection between Client and Server.
In the server i did following things,
1. Created a selfsigned rootCA
2. Created IntermediateCA and signed with rootCA.
3. Create a Server Certificate and signed with intermediateCA.
4. Appened the rootCA also to the server Certficate.
In the Client.
1. Create a Server Certificate and signed with rootCA.
2. Stored CA as rootCA
Now i made a TLS connection from Client to Server and the client returns
an error:20 "Unable to get Local Issuer Certficate".
If the client doesn't have the intermediate certificate, how can it know
the server's certificate is valid?
I don't see this error if i use intermediateCA as CA in Client !!!!
Am i supposed to use intermediateCA as CA in Client?
You have to get the IC to the client somehow. The usual method is to
have the server send it. Does the server software provide a way to
supply a certificate chain?
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org