little effect on the use of client
certificates.
But when I perform handshake with SSL Server that is configured with Dual
Authentication, Client is still sending Client Certificate for the
Certificate Request sent by client.
As expected. If you don't want to configured client certificates
Hi,
I have configured my SSL client with VERIFY_NONE.
But when I perform handshake with SSL Server that is configured with Dual
Authentication, Client is still sending Client Certificate for the Certificate
Request sent by client.
But ideally client should not send certificate as the SSL
we're not going to fix this.
SSLv2 is now like the Monty Python comment: This is not a wine for drinking,
this is a wine for laying down and avoiding
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project
Hi All,
I am using OpenSSL 0.9.8.k.
We are using the following function to configure device certificate and
private key:
SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file().
When SSL_ctx object is loaded with the client certificate and private key
using above 2 functions
Hi All,
I am using OpenSSL 0.9.8.k.
We are using the following function to configure device certificate and
private key:
SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file().
When SSL_ctx object is loaded with the client certificate and private key
using above 2 functions
Hi, everybody
What is difference between "SSLv3 read client certificate B" and "SSLv3 read client certificate A"?
Thanks,
Liying
Do you Yahoo!?vote.yahoo.com - Register online to vote today!
Hello!!
I'm a new member, and i don't understand how ssl certificates very well.
i'm using this function to get the client certificate:
And it returns NULL!!
The s variable (SSL type), isn't NULL so i think it returns NULL when i
copy the peer session..
sorry about my english
On 13 Dec, Filipe Contente wrote:
i'm using this function to get the client certificate:
And it returns NULL!!
You must:
/* This is needed for verifying any client */
if ( ! SSL_CTX_load_verify_locations( sslctx, ca_file, ca_dir)) {
ERR_print_errors_fp( stderr
: Getting client certificate
!
Hi all,
I am developing a client-server application and I
would like the server toverify the client certificate too.
These are the steps that I have followed on the serber
side :
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, NULL
Hi,
I'm a newbie to SSL and OPenSSL.
I use a apache server with mod_ssl which accept client certificates.
With my browser where I installed a client certificate, I can connect with
my Apache server.
In the goal of making perf tests, I want to use s_client instead of my Web
Browser.
So I
- Original Message -
From: Montini Paolo
To: OpenSSL-DEV
Sent: Wednesday, August 30, 2000 5:06 PM
Subject: Getting client certificate !
Hi all,
I am developing a client-server application and I would
like the server toverify the client certificate too.
These are the steps that I
Hi all,
I am developing a client-server application and I would
like the server toverify the client certificate too.
These are the steps that I have followed on the serber
side :
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, NULL);
SSL_CTX_use_certificate_file(ctx
Hi:
Our client have get the server's
certificate.But the server can't to get the client's certificate. (client
have a correct certificate) Why? How to do? We need your help!
Best Regards!
TechInfo Group
Hi dev people,
I would like to have your help. I am developing a client-server
application in wich the client is already writen in Java with JSSE
1.0.1 and the server will be writen in OpenSSL openssl-0.9.5a. This
client uses a certificate imported from the server.pem certificate
from the
Steve wrote:
I've feel like I've answered this one aleph null times but maybe its
just my imagination...
When a server requests client auth it sends out a list of acceptable
CAs. With s_server in OpenSSL this list is in the file passed in the
-CAfile option it should be a PEM encoded set of
, it verifies the cert using its CAs.
I was stating the effect rather than the precise protocol details of the
process. This was in the context of a newbie question.
You are correct that the certificate request message requests the client
certificate and that includes the list of acceptable CAs DNs
to have a CA signed client
certificate. From what I read I need to generate a RSA key pair and
then make a certificate request from the public key. I've found lots
of info for the server side but nothing for the client side except
for browsers. Is there a place I can locate this information
Hi,
I do not understand very well your question.
To generate a certificate request (the client) use: openssl req -newkey
rsa:1024
To sign it and gen the cert. use: openssl ca .
I guess I don't understand this very well, sorry...
On the client side ssl do I need a key pair for a
Len wrote:
Hi,
I do not understand very well your question.
To generate a certificate request (the client) use: openssl req -newkey
rsa:1024
To sign it and gen the cert. use: openssl ca .
I guess I don't understand this very well, sorry...
On the client side ssl do I
Thanks, that helps.
len
Len wrote:
Hi,
I do not understand very well your question.
To generate a certificate request (the client) use: openssl req -newkey
rsa:1024
To sign it and gen the cert. use: openssl ca .
I guess I don't understand this very well,
Hi,
I'm sorry if this is the wrong place to ask this. If it is
could someone kindly redirect me to the correct place? I am new to
this...
I am working on a client side application that needs to have
a SSL layer to connect to a server. I need to have a CA signed client
SSL_accept:SSLv3 read client hello A
SSL_accept:SSLv3 write server hello A
SSL_accept:SSLv3 write certificate A
SSL_accept:SSLv3 write certificate request A
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
SSL_accept:failed in SSLv3 read client certificate A
6875:error:140780E1:SSL
A
SSL_accept:SSLv3 write certificate request A
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
SSL_accept:failed in SSLv3 read client certificate A
6875:error:140780E1:SSL routines:SSL23_READ:ssl handshake failure:s23_lib.c:190:
And then trying to connect with IE produces the usual
23 matches
Mail list logo