Hello again, If anyone has any experience with OpenSSL on VxWorks and can comment on this certificate strangeness, I'd be very grateful. Why would OpenSSL on one operating system be happy with my generated certificates, but on another operating system, complain about them?
Debugging on this embedded platform is a large PITA, which is why I'm hoping for some ideas from here. Thanks. K ----- Original Message ----- From: [EMAIL PROTECTED] To: openssl-users@openssl.org Subject: Multi platform problems Date: Sat, 23 Jul 2005 11:32:38 -0500 > > I have a couple of problems. Background: I've written > a library, T, which (among other things) provides TLS > functionality, using OpenSSL. I've also written a test > application, U, which uses OpenSSL on one side and > T's interface on the other side, to set up TLS > connections and exchange data. > > Pretty much all my OpenSSL related code is derived > from the OpenSSL book, as are the certificates being > used. > > This code works correctly on Solaris, Linux and > Windows NT. On VxWorks, however, I get the evil > ssl3 alert bad certificate when using SSL_connect() > from my dummy client to connect to a server that > was established through the library. > > Barring changes relating to the operating system > interface and cross compilation, the code is identical. > So are the certificates I am using. > > Further: there is another application V, which uses T. > V has been modified to establish TLS connections > through T, and is configuring T for this purpose > identically to U. However, V fails during this > configuration (unlike U) when the library calls > SSL_CTX_load_verify_locations(). > > The error stack reports a pem_read error, saying there > is no beginning line. But V is using the exact same > certificate files as U. Even more bafflingly, the calls > SSL_CTX_use_certificate_chain_file() and > SSL_CTX_use_Privatekey_file() succeed. Only the CA file > is causing trouble. > > Any solutions will be gratefully received. Any > suggestions are very welcome. I'm completely open to > ideas, as I'm out of them. > > Thanks. > > > K > > -- > ___________________________________________________________ > Sign-up for Ads Free at Mail.com > http://promo.mail.com/adsfreejump.htm > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
