Hello,

Chandrasekhar R S wrote:
Hi all, I have created a certificate using the following sequence of calls:

X509_new()
RSA_generate_key()
X509_set_version(cert,3)
ASN1_INTEGER_set(X509_get_serialNumber(cert),0)
X509_gmtime_adj(X509_get_notBefore(cert),0);
X509_gmtime_adj(X509_get_notAfter(cert),45);
X509_set_pubkey(cert,pk)
X509_set_issuer_name()
X509_set_subject_name()
X509_sign()

I assume: self-signed certificate?

The certificate thus created is working fine when registered with a server (i.e., the server is presenting the certificate and communication goes through fine). However, the same certificate, registered with a client, does not work. The server, mandated to authenticate the client, throws up an error:

"25199:error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned:s3_srvr.c:1989:"

The server sends a list of trusted CA certs for client authentication. If the client cert is self-signed, it is not in this list, so it is not accepted as a valid client certificate.

Self-signed certificates as end entity certificates are a quick hack. You should (almost) always work with an (official or own) CA.

Bye

Goetz

--
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
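
The "own CA" route recommended in the reply, as an added example that is not part of the original thread: it builds a throwaway CA with the `openssl` command-line tool, issues a client certificate from it, and runs the chain check that a server trusting only that CA would apply. All subject names and file names are constructed placeholders, and a stock `openssl` (1.1.1 or later) with its default configuration is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Names such as "Example Test CA",
# "client1" and the file names are constructed placeholders.

# make_pki DIR: create a test CA, a CA-issued client cert, and a
# self-signed end-entity cert for comparison.
make_pki() {
    dir=$1
    # 1. CA key plus self-signed CA certificate. This is the only
    #    certificate the server needs in its trusted CA list.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Test CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    # 2. Client key and certificate signing request.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=client1" \
        -keyout "$dir/client.key" -out "$dir/client.csr" 2>/dev/null || return 1
    # 3. The CA signs the request: issuer = CA subject, so the client
    #    certificate chains to a name the server advertises.
    openssl x509 -req -in "$dir/client.csr" \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
        -days 30 -out "$dir/client.pem" 2>/dev/null || return 1
    # 4. Self-signed end-entity certificate, the case from the question:
    #    issuer = subject, unknown to the server's CA list.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=client2" \
        -keyout "$dir/self.key" -out "$dir/self.pem" 2>/dev/null || return 1
}

# chains_to_ca CAFILE CERT: exit status 0 only if CERT verifies against
# the trust anchors in CAFILE.
chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Usage:
#   d=$(mktemp -d) && make_pki "$d"
#   chains_to_ca "$d/ca.pem" "$d/client.pem" && echo "client.pem accepted"
#   chains_to_ca "$d/ca.pem" "$d/self.pem"   || echo "self.pem rejected"
```

The server then loads `ca.pem` as its client-authentication trust store, and the client loads `client.pem` together with `client.key`.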