On Fri, 2003-11-07 at 14:26, Rich Salz wrote: > > I don't think it really works - I certainly never got it to work. > > Most likely becuase you don't have the keys. >
Bzzt - sorry - I'm not that stupid today ;-) If I do "ssldump -Ad -i eth0 -k server-cert.pem host me and port 443", where server-cert.pem contains "BEGIN RSA PRIVATE" at the top followed by "BEGIN CERTIFICATE" later on (i.e. a merged key + cert - that Apache is actually using itself), and then connect via "openssl s_client -conn me:443" and do "GET /", I don't see "GET" showing up in the ssldump output - only a bunch of SSL parsing and what looks like raw encrypted data in hex. Maybe I have an old version? (0.9b3) Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
