Have you tried this with a non-"self signed certificate"? I.e., the subject
and issuer of the cert should be different for client/end user certs.


Sincerely,


Patrick Tronnier
Principal Security Architect
www.oaticerts.com


-----Original Message-----
From: Bart Dumon [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 07, 2002 6:49 AM
To: [EMAIL PROTECTED]
Subject: problems with openssl 0.9.6d and up


hey,

i'm trying to post an xml through https, however, it looks like this
is not going to work with the openssl version i'm using, 0.9.6e

when i try to connect with s_client, i get immediately disconnected
after the first input line:

bartdu@zeroth:~$ /usr/local/ssl/bin/openssl s_client -connect partners.networksolutions.com:8010 -quiet
depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
GET / HTTP/1.0
bartdu@zeroth:~$

i noticed that it's actually working on other machines, when i checked the
versions of openssl, only the 0.9.6c version seemed to work, so i've compiled
the older and a newer version on the same machine to compare:

the same results with 0.9.6g:

bartdu@zeroth:/usr/local/src/openssl-0.9.6g/apps$ ./openssl s_client -connect partners.networksolutions.com:8010 -quiet
depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
GET / HTTP/1.0
bartdu@zeroth:/usr/local/src/openssl-0.9.6g/apps$

and with 0.9.6c:

bartdu@zeroth:/usr/local/src/openssl-0.9.6c/apps$ ./openssl s_client -connect partners.networksolutions.com:8010 -quiet
depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
GET / HTTP/1.0

HTTP/1.1 200 OK
Content-type: text/html
Connection: Close
Content-Length: 200

<!-- REMOVE this page and REPLACE with your own -->

<meta http-equiv="refresh" content="0;url=/WmRoot/index.dsp">
<html>
<body>
<a href="/WmRoot/index.dsp">Server Administration</a>
</body>
</html>

bartdu@zeroth:/usr/local/src/openssl-0.9.6c/apps$

i have no clue what might be wrong, i believe 0.9.6d was mainly a security
update so i was thinking of some options that are disabled now by default or
something like that...

did anyone come across this yet? 


regards, bart
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]