"Scheltema, R.A." <[EMAIL PROTECTED]>:
> 1. Now I think the previous calls do not place a signature on the data (at
> least I hope not). My question is how do I place a signature on something (I
> know I need my own private key to do this). I have an array of chars. Which
> calls do I have to make ?
SSL/TLS do not sign data, but use cryptographic authentication by
keyed MACs. This is automatically done by the library when the
written data is put into records.
> 2. Also I'm confused about the peer verification. No matter what
> certificates I use, I always get the error:
> unable to get local issuer certificate.
> I am loading the right certificate on the server-side and on the client-side
> (who does the actual peer-check) the right ca-file, but it doesn't matter
> what I do. What does this error mean ?
What is "the right CA file"? If you have in it a self-signed
certificate of the CA that signed the server's certificate, then it
should work; but you can't put the actual server certificate in a file
and use it as CA certificate file (unless you write your own
verification callback). Especially you can't authenticate servers
that use self-signed certificates with OpenSSL. Maybe this will be
possible with future versions, but the current built-in verification
algorithm cannot handle it.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
