Hi Vladislav,
THANKS A LOT. I Now understoold that i must look for
client certificates time, and not that which is obtained at server end. Will
progress and update. Thanks a lot for your help
Suchindra Chandrahas
Vladislav Marinov <[EMAIL PROTECTED]> wrote: Hi,
If you are using the certificates from the source code that is given at the
mentioned link - looks like this source code was last touched on 10.01.2002 so
I doubt that those certs are recent (and when I was testing them sometime in
October 2006 they had expired). Another thing could be the self-signed
certificates. I think you can solve that by simply loading the proper
credentials in SSL_load_verify_locations(). Can you tell what error number do
you get from SSL_get_verify_result() - this function returns always some value.
This can be then checked in the man pages of verify(1) and you can see what is
the problem.
Vladislav
----- Original Message -----
From: Suchindra Chandrahas
To: openssl-users@openssl.org
Sent: Tuesday, March 13, 2007 2:18 PM
Subject: Re: some doubt about ssl programming
Part 1 and Part 2 are the PDFs that were given in openssl.org
Well, the problem is still doubtful because 1. The server certificates are
recent (not expired), and 2. But they are self signed certificates (this
might be a problem !)
Thanks for the replies
Regards,
Suchindra Chandrahas
Goetz Babin-Ebell <[EMAIL PROTECTED]> wrote: -----BEGIN PGP SIGNED
MESSAGE-----
Hash: SHA1
Suchindra Chandrahas schrieb:
> Hi All,
Hi Suchindra,
> Saw the part1 and part2. Trying to understand the stuff.
> I got some client examples given there. I have downloaded "sclient".
???
Which part1 and part2 ?
>
> if(SSL_get_verify_result(ssl)!=X509_V_OK)
> 39 berr_exit("Certificate doesn't verify");
>
>
>
> Does this mean that the host's certificate is not a X509 certificate ?
No it means that the verification of the X509 certificate verify
functionality detewcted an error.
Bye
Goetz
- --
DMCA: The greed of the few outweights the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF9pAt2iGqZUF3qPYRAvd9AJ9k2c9NjYsACnPKqOdz1lWm68QPFQCeOunj
vjW22hsEEL150sNcdpLTYFY=
=o5nx
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
---------------------------------
Need Mail bonding?
Go to the Yahoo! Mail Q&A for great tips from Yahoo! Answers users.
---------------------------------
Don't get soaked. Take a quick peek at the forecast
with theYahoo! Search weather shortcut.
