>From: owner-openssl-us...@openssl.org On Behalf Of Indtiny s >Sent: Sunday, 16 December, 2012 11:04
This is not a -dev question. > I am using root certiciate which is there in DER format at client , >to verify the peer . >When I execute my cCURL clinet code I get the below error . >223: SSL: couldn't get X509-subject! >curl_easy_perform() failed: SSL connect error error no is 35 . >I viewed the root certiciate using tool , I could see the subject >field in the ceritificate . It is very unlikely curl is looking at the subject in the root (CA) cert; that is not relevant to anything it is doing. Almost certainly it is looking at the subject in the server (EE) cert, which could be using SubjAltNames and leaving Subject empty. Try commandline openssl s_client to your host&port and it will dump the server cert. Capture that to a file and display with openssl x509 -noout -text, or another tool like MS certmgr. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org