certificate.
> >>
> >> it works perfectly in openssl 1.1.0h, however it stops working after I
> >> upgrade to openssl 1.1.1.
> >>
> >> In client_cert_cb , when I call SSL_get_peer_certificate, it returns
> >> NULL, which is different from opens
>> loaded in client_cert_cb based on matching the server side certificate.
>>
>> it works perfectly in openssl 1.1.0h, however it stops working after I
>> upgrade to openssl 1.1.1.
>>
>> In client_cert_cb , when I call SSL_get_peer_certificate, it returns
t; upgrade to openssl 1.1.1.
>
> In client_cert_cb , when I call SSL_get_peer_certificate, it returns
> NULL, which is different from openssl 1.1.0h.
>
> I do set SSL_VERIFY_PEER on both sides.
>
>
> any thoughts on this?
I assume this only happens with a TL
SSL_get_peer_certificate, it returns NULL,
which is different from openssl 1.1.0h.
I do set SSL_VERIFY_PEER on both sides.
any thoughts on this?
Regards,
Dave
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
MCLOG("SSL_ERROR_NONE");
break;
}
}
}
break;
default:
MCLOG("SSLUtil::RetrieveNameUsingSSL failed ",error);
//printf("connect error is %d\n",error);
If Client-server session is reused from a past session then the client will
not get a Server Certificate during the handshake. In this case, if I do a
SSL_get_peer_certificate(), will it give me the server's certificate from
the initial handshake from which this reuse happened?
n calling
> SSL_get_peer_certificate() after a successful handshake. The issue doesn't
> occur every time, but often enough.
>
> I reverted to OpenSSL 0.9.8j, and haven't been able to replicate the
> problem. To verify, I again went 0.9.8k and the issue cropped up right away.
>
> I'm us
Hi,
I recently ran into an issue with OpenSSL 0.9.8k returning NULL when calling
SSL_get_peer_certificate() after a successful handshake. The issue doesn't
occur every time, but often enough.
I reverted to OpenSSL 0.9.8j, and haven't been able to replicate the
problem. To verify, I
heck its value before I call
> SSL_get_peer_certificate(). I've also verified that s->session is
> infact NULL before the call to SSL_get_peer_certificate().
>
> I can still send data across the link - I've tested using BIO_read()
> and BIO_write() to see if the ma
I know that s isn't null because I check its value before I call
SSL_get_peer_certificate(). I've also verified that s->session is infact NULL
before the call to SSL_get_peer_certificate().
I can still send data across the link - I've tested using BIO_read() and
BIO_wri
, Jul 28, 2008 at 7:55 PM, M <[EMAIL PROTECTED]> wrote:
> Thanks, I've read the man page for SSL_get_peer_certificate() and it says it
> returns NULL if " No certificate was presented by the peer or no connection
> was established." After tracing through the code I
Thanks, I've read the man page for SSL_get_peer_certificate() and it says it
returns NULL if " No certificate was presented by the peer or no connection was
established." After tracing through the code I see that
SSL_get_peer_certificate() returns null because no conn
DESCRIPTION
SSL_get_peer_certificate() returns a pointer to the X509 certificate
the peer presented. If the peer did not present a certificate, NULL is
returned.
Please see the manual page for SSL_get_peer_certificate for more
information (including information on how to tell
Hi,
I am having a problem establishing a connection with openssl libs. My client
code is failing because SSL_get_peer_certificate() returns NULL. On the server
code SSL_get_error() returns 1 and the error string i get is
"error::lib(0):func(0):reason(0)" which is very unc
o questions:
1) Clearly in this case SSL_get_verify_result() is likely to indicate
that the server certificate failed verification (because it was
self-signed). However, in this situation can I still assume that the
public key from the certificate (obtained with
SSL_get_peer_certificate()) was
Title: Message
I'm retriving server
SSL cert using SSL_get_peer_certificate. How can I compare this cert with one I
have stored in file (DER)?
Thank you in
advance,
Milan
d one or the verify failed.
> How could I go about checking what is wrong? Thanks!
Your analysis is not quite correct. SSL_get_peer_certificate() will always
return the certificate sent by the peer, regardless of the verification
result (you have to use SSL_get_verify_result() to check it out)
Title: Message
I'm having a problem getting my server on Solaris 8 (
Built with SunCC 5.2 ) to obtain a certificate from my client. I have set
SSL_CTX_set_verify ( ctx , SSL_VERIFY_PEER, 0 ) on both client and server.
I have created valid certificates to the best of my knownledge. The sam
Hello,
I am running the demo client/server implementaation and i am unable to
get the SSL_get_peer_certificate() function working at the server side.
The server program alsways say "Client does not have the certificate."
Eventhough the client.pem file is authenticatedd & the data
Hi Marcos:
I know a documents about how the callback. The URL is
http://www2.psy.uq.edu.au/~ftp/Crypto/certs.html
I do what this document suggest, but my server's
SSL_get_peer_certificate() still return NULL. I realy don't know why.
But, thank you very much. I will try so
>>Hi:
>Do you know how to write a client program with certification? I don't
>know how to setup my client program to use a pem file and let the server
>side get the certification.
>In one words, how to write a client program to let the
>SSL_get_peer_certificate
Hi:
Do you know how to write a client program with certification? I don't
know how to setup my client program to use a pem file and let the server
side get the certification.
In one words, how to write a client program to let the
SSL_get_peer_certificate() function call on server sid
22 matches
Mail list logo