Hi,
I am new to openssl programming. My goal is trying to get a simple server
up and running. I am using OpenSSL 1.0.1e-fips 11 Feb 2013 on Centos6.5.
I am using SSL_CTX_use_certificate_chain_file() to load my server
certificate files at initialization. The PEM file is created by
concatenating
On Tue, May 20, 2014 at 1:04 PM, David Li dlipub...@gmail.com wrote:
Hi,
I am new to openssl programming. My goal is trying to get a simple server
up and running. I am using OpenSSL 1.0.1e-fips 11 Feb 2013 on Centos6.5.
I am using SSL_CTX_use_certificate_chain_file() to load my server
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of David Li
Sent: Tuesday, May 20, 2014 13:05
snip
I am using SSL_CTX_use_certificate_chain_file() to load my server certificate
files at initialization.
The PEM file is created by concatenating
Dustin,
Yes, I was trying SSL_CTX_use_certificate_file to see what happened and it
still crashed. The original code looks like:
if (SSL_CTX_use_certificate_chain_file(ctx, SERVER_CERT) != 1) {
}
The manpage says:
SSL_CTX_use_certificate_chain_file() loads a certificate chain
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dustin Oprea
Sent: Tuesday, May 20, 2014 14:07
On Tue, May 20, 2014 at 1:04 PM, David Li dlipub...@gmail.com wrote:
snip
The code that you cited doesn't use SSL_CTX_use_certificate_chain_file.
Dave,
Thanks for the suggestion! I took a look at the low-hanging fruit first -
my SSL ctx object. So I modified the code a little bit by checking the SSL
CTX first:
ctx = SSL_CTX_new(SSLv23_method()); // handle only SSL v2 and v3
if (!ctx) {
int_error(Error in creating SSL ctx\n);
On 20 May 2014 20:13, David Li dlipub...@gmail.com wrote:
So obviously my SSL_CTX object wasn't created properly. Now I have to
figure out what it means by library has no ciphers.
You haven't called the functions to initialise openssl.
Rich.
Rich,
I did the following calls:
OpenSSL_add_all_algorithms();
OPENSSL_init_library();
SSL_load_error_strings();
Are these enough?
On Tue, May 20, 2014 at 1:32 PM, Richard Moore richmoor...@gmail.comwrote:
On 20 May 2014 20:13, David Li dlipub...@gmail.com wrote:
So obviously my
Oh, I see,
I should have used SSL_library_init() rather than OPENSSL_init_library().
Thanks everyone! Great help!
David
On Tue, May 20, 2014 at 1:38 PM, David Li dlipub...@gmail.com wrote:
Rich,
I did the following calls:
OpenSSL_add_all_algorithms();
OPENSSL_init_library();