Hi *, I use SSLeay-0.8.1 under Win32 and the s_server application. During the ssl handshake, I get these error messages : .. depth=0 [EMAIL PROTECTED] verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 [EMAIL PROTECTED] verify error:num=21:unable to verify the first certificate verify return:1 .. I start the server with the following command: ssleay s_server -cert .\servcert\certserv.pem -key .\servcert\key.pem -accept 443 -state -www -CApath .\accept -CAfile stuffca.pem -Verify 9 The problem happens when I use the s_client application or a Netscape 4.04 browser. I think the server doesn't find the CA path, cause I get the same error message when I put an invalid path after CApath in the command. Do I need another configuration file ? There's another strange thing: by -Verify, I mean the client's certificate verification is mandatory. So, why does the server respond with 1 (and makes an HTTP response) while there's an error in the client's certificate verification? Any hint. Al +-------------------------------------------------------------------------+ | Administrative requests should be sent to [EMAIL PROTECTED] | | List service provided by Open Software Associates, http://www.osa.com/ | +-------------------------------------------------------------------------+
