I tried openssl to download a remote cert on my181.svr.us.cyber.net Below are the 3 steps to generate self sign certificate.
1)To generate keys: /opt/boksm/lib/openssl genrsa -des3 -out server2.key 2048 -config /usr/sfw/lib/webmin/acl/openssl.cnf 2)To generate CSR /opt/boksm/lib/openssl req -new -key server2.key -out server2.csr -config /usr/sfw/lib/webmin/acl/openssl.cnf 3)To generate certificate view plaincopy to clipboardprint? /opt/boksm/lib/openssl x509 -req -days 365 -in server2.csr -signkey server2.key -out server2.crt /opt/boksm/lib/openssl x509 -req -days 365 -in server2.csr -signkey server2.key -out server2.crt And then used view plaincopy to clipboardprint? /opt/boksm/lib/openssl s_client -connect my181.svr.us.cyber.net:12201 -key server2.key -cert server2.crt -CAfile ca.crt /opt/boksm/lib/openssl s_client -connect my181.svr.us.cyber.net:12201 -key server2.key -cert server2.crt -CAfile ca.crt To connect view plaincopy to clipboardprint? /opt/boksm/lib/openssl s_client -connect my181.svr.us.cyber.net:12201 -key server2.key -cert server2.crt -CAfile ca.crt /opt/boksm/lib/openssl s_client -connect my181.svr.us.cyber.net:12201 -key server2.key -cert server2.crt -CAfile ca.crt view plaincopy to clipboardprint? Enter pass phrase for server2.key: ****** 15959:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:765: 15959:error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file.c:280: CONNECTED(00000004) depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify error:num=20:unable to get local issuer certificate verify return:0 15959:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1060:SSL alert number 48 15959:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Enter pass phrase for server2.key: ****** 15959:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:765: 15959:error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file.c:280: CONNECTED(00000004) depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify error:num=20:unable to get local issuer certificate verify return:0 15959:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1060:SSL alert number 48 15959:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Not sure what I am doing wrong. Can you please help figure out? -- View this message in context: http://old.nabble.com/openssl-failing-to-download-remote-certificate-tp32723099p32723099.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org