Hi,
I'm running into an issue (with both 0.9.7l and 0.9.8g) where I'm
attempting to connect to a server with a client certificate and what
appears to be a complete chain of server certificates, and yet I'm
still getting the 'unknown ca' error.
My command line is:
openssl s_client \
-connect [HO
On Sat, Mar 07, 2009 at 01:12:38PM -0500, Paul Hart wrote:
> Hi,
>
> I'm running into an issue (with both 0.9.7l and 0.9.8g) where I'm
> attempting to connect to a server with a client certificate and what
> appears to be a complete chain of server certificates, and yet I'm
> still getting the 'u
Hello,
I need to implement new requirement to verify private certificate before
it is used for SSL/TLS connection.
Basically I should not use certificate that is expired or revoked. I am
working with OpenSSL 0.9.8i.
I made function similar to what we are using to verify peer certificate
but I
what do you mean "private certificate"? you mean the server wants to verify its
own certificate before accepting connections? or the client wants to verify its
own certificate before initiating connections? (i guess it doesn't matter
either way, though.)
assuming you have the CA certs and the
Found the problem...
The x509 pointer should not be free since the ssl_ctx will continue to
use it.
Thanks Liz
Liz Voss wrote:
Hello,
I need to implement new requirement to verify private certificate
before it is used for SSL/TLS connection.
Basically I should not use certificate that is expi