Harshal,
Check parameter 2 on SSL_CTX_use_PrivateKey_file(). It should be a pointer to
the name of the file that contains the private key, not the certificate file.
As an example on my (working) prototype server I use the following:
// Define whatever ciphers you want. I used AES-128. Client cipher list
should match.
#define CIPHER_LIST "AES-128"
if (SSL_CTX_set_cipher_list(ctx, CIPHER_LIST) Hello,
>
>I am creating a SSL server /client architecture.
>Wherein I am using code similar to mentioned below for populating my Server's
>SSL_CTX
>
> ret = SSL_CTX_use_certificate_file(sslctx, "/tmp/certs.pem",
> SSL_FILETYPE_PEM);
> if(ret != 1)
> {
> return false;
> }
>
> ret = SSL_CTX_use_PrivateKey_file(sslctx, /tmp/certs.pem,
> SSL_FILETYPE_PEM);
> if(ret != 1)
> {
> return false;
> }
> ret = SSL_CTX_check_private_key(sslctx);
> if(ret != 1)
> {
> return false;
> }
> ret = SSL_CTX_load_verify_locations(sslctx, "/tmp/ca.pem", NULL);
> if(ret != 1)
> {
> return false ;
> }
>
>
>I have certs.pem file with root server certificate
>ca.pem file with CA certificate
>and chain.pem file with intermediate certificates.
>
>I tried to add these intermediate certifcates from chain.pem in my SSL_CTX
>cert store to be used at the time of SSL handshake with client.
>
>One of the way was to use "SSL_CTX_use_certificate_chain_file" method
>But when I tried using it with above mentioned code ssl handshake failed with
>following error,
>"SSL_write() error - error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
>shared cipher"
>
>Removing this steps SSL handshake seem to work fine.
>
>Can you please help me understand what is going wrongs?
>
>Any troubleshooting pointers will be great help.
>
>Thanks in advance
>-Harshal
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
