Hi I am having aproblem where the server is unable to verify the client certificate I created. The Server is running IIS and is listening on port 443 for SSL traffic.
> here is an example of the ssldump file > > # ./ssldump > New TCP connection #1: donegal(62137) <-> 26.110.55.210(443) > 1 1 0.1204 (0.1204) C>S Handshake > ClientHello > Version 3.0 > cipher suites > SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA > SSL_RSA_WITH_3DES_EDE_CBC_SHA > SSL_DHE_DSS_WITH_RC4_128_SHA > SSL_RSA_WITH_IDEA_CBC_SHA > SSL_RSA_WITH_RC4_128_SHA > SSL_RSA_WITH_RC4_128_MD5 > SSL_DHE_DSS_WITH_RC2_56_CBC_SHA > SSL_RSA_EXPORT1024_WITH_RC4_56_SHA > SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA > SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA > SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 > SSL_RSA_EXPORT1024_WITH_RC4_56_MD5 > SSL_DHE_RSA_WITH_DES_CBC_SHA > SSL_DHE_DSS_WITH_DES_CBC_SHA > SSL_RSA_WITH_DES_CBC_SHA > SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA > SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA > SSL_RSA_EXPORT_WITH_DES40_CBC_SHA > SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 > SSL_RSA_EXPORT_WITH_RC4_40_MD5 > compression methods > NULL > 1 2 0.2337 (0.1133) S>C Handshake > ServerHello > Version 3.0 > session_id[32]= > 01 00 00 00 f6 2e 0b 7c 76 bb 93 1f 1d 5b 9a f3 > ad c8 03 1d fc 78 1d ab a5 9d e6 85 1f 3c ae 01 > cipherSuite SSL_RSA_WITH_RC4_128_MD5 > compressionMethod NULL > Certificate > ServerHelloDone > 1 3 0.2395 (0.0058) C>S Handshake > ClientKeyExchange > 1 4 0.2395 (0.0000) C>S ChangeCipherSpec > 1 5 0.2395 (0.0000) C>S Handshake > 1 6 0.4245 (0.1849) S>C ChangeCipherSpec > 1 7 0.4245 (0.0000) S>C Handshake > > > The Server cannot verify the certificate I generated for the client > There are two things....first off the geneated PEM file, which contains > and RSA key 1024 bits and the Client Certificate, may not be correctly > generated > but even so do I need to give the server my "Certificate" so that they > can add me to their list of acceptable clients and thus be able to verify > who I am and complete the verification on the SSL channel? > > Any help is greatly appreciated > > Thanks, > Aoife > > -- Aoife Sharkey > -- Software Engineer > -- Logica Mobile Networks > -- Lexington, MA, USA direct: +1(617)476 8266 > -- SMS: [EMAIL PROTECTED] > This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
