RE: Certificate Problem :)

[Andrew T. Finnell]

Michal,


        This is using the OpenSSL libraries through TCP/IP
communications. More specifically, it is through the use of SSLIOP
(CORBA). This happens on all Win32 machines -> Solaris 6/7. And Win32 ->
Win32.

- 
Andrew T. Finnell
Active Solutions L.L.C
[EMAIL PROTECTED] 

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED]] On Behalf Of Michal Bachorik
> Sent: Monday, April 22, 2002 12:08 PM
> To: Openssl ([EMAIL PROTECTED])
> Subject: Re: Certificate Problem :)
> 
> 
> On Mon, 22 Apr 2002, Andrew Finnell wrote:
> 
> > Dear fellow developers,
> >
> >     I am experiencing some problems with a product we 
> released. We rely 
> > on a public/private key architecture. The client connects to our 
> > server and we check to see if the certificate the client had was 
> > signed by us. I do this by checking to see if I can even 
> get a client 
> > certificate. From my understanding if the client does not have a 
> > trusted certificate signed by the same CA as the server or by a 
> > trusted CA the server will not receive the certificate ( from the 
> > applications point of view). I do a SSL_get_peer_certificate and 
> > everything works for a while. But all of a sudden I never get a 
> > certificate from the client. This causes our server to think the 
> > client isn't validated. The only way we seem to be able to 
> fix this is 
> > to re-create all new certificates. The certificates are set 
> to expire 
> > in a year but the problem occurs within weeks/months of 
> deployment and 
> > continues to happen. Does anyone have any insight on how 
> this could be 
> > happening? Thank you for your time.
> 
> what type of connection do you speak of?
> https or ssh? and what platform you are running on?
> 
> >
> > -------------------------------------
> > Andrew T. Finnell
> > Software Engineer
> > eSecurity Inc
> > (321) 394-2485
> >
> 
> -- 
> snail-mail : Michal Bachorik
>              Nedozerskeho 207
>              Nedozery 972 12
>              SLOVAKIA
> phone      : +421 862 54 85 220
> e-mail     : [EMAIL PROTECTED]
>              [EMAIL PROTECTED]
>              [EMAIL PROTECTED]
> 
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
> 


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]