to solve this problem .
The server doesn't automatically request a certificate from the
client.
Use something like
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL);
SSL_CTX_set_verify_depth(ctx,10);
Thanks
--
Michael Simms
_
SSL_CTX_load_verify_locations, believing it had no CTX
The logic was all fine, just one line setting the CA done at the wrong
place.
So, hooray, all of the SSL functionality now works!
Thanks
--
Michael Simms
__
OpenSSL Project
me convenient bits of the received cert/chain and check
> they are as they should be, or just debug it and look at the same.
> Maybe you have a bug in your multithreading, but those tend to be erratic;
> could you perhaps configure one process to r
the same keys and the server has the same ca, works just fine.
Keys are attached, password is abcd
Thanks
--
Michael Simms
servercert.pem
Description: Binary data
serverkey.pem
Description: Binary data
rootcert.pem
Description: Binary data
Dave Thompson wrote:
>> From: [EMAIL PROTECTED] On Behalf Of Michael Simms
>> Sent: Thursday, 13 November, 2008 07:38
>
>> I currently have a different problem that is stumping me. I think that
>> maybe I have a gap in my knowledge that maybe someone can fill.
>&
the client and server certificate.
Are you aware you need to call SSL_connect and SSL_accept a number of
times, checking the error return to see if it WANTS_READ or
WANTS_WRITE, and reading/writing as appropriate? It can take a number
of calls to to the connect/accept before it finishes the job.
Tha
, keys, and CA, then again
the client fails to verify.
Am I missing something?
Keys are attached for further information
Thanks
--
Michael Simms
rootcert.pem
Description: Binary data
server.pem
Description: Binary data
servercert.pem
Description: Binary data
Hooray, this question I can answer. (Maybe someone can answer mine
now?)
I dont know if it is a bad way, cryptographically, but it works.
//The bio to handle a char *
static BIO *memory_buf_BIO(const char* buf, int len)
{
BIO* bio;
BUF_MEM* mem;
if (!buf)
return NULL;
if (len == -1
Hi,
I posted this last week, and a couple of people said they could help
but then, I havent heard any more.
If someone has any ideas, they would be gratefully appreciated.
I am having a bit of a problem generating a set of new keys.
I have code that works just fine when using a pair of imported
ore I look at what you've got, have you compared this to the rsa.c
> file in the apps/ directory of the source distribution?
>
> -Kyle H
>
> On Fri, Oct 31, 2008 at 1:13 AM, Michael Simms <[EMAIL PROTECTED]> wrote:
>> I am having a bit of a problem generating a set of new
I am having a bit of a problem generating a set of new keys.
I have code that works just fine when using a pair of imported keys
from a file generated from the openssl commandline.
However when I try and use RSA_generate_key, I can obtain the public
and private keypair, they validate using SSL_CT
Hi, more information regarding my problem with not getting a cipher
returned.
It turns out that if I use SSLv2_client_method instead of v23 then this
works. However this will obviously have implications on other
servers I try and connect to.
Now, it seems to me that what I need to do is either g
Hi
I dont know much about encryption. I have tried to learn about using open SSL
from examples and documentation
I am stuck. In a word
I am trying to create an SSL connection to a secure webserver. It just
isnt working.
Now, I have got some connections working, but the really important one
j
13 matches
Mail list logo