My SSL application recently began throwing the following error
whenever I try to connect:
SSL error (-1, 1, 336130329) (error:1408F119:SSL
routines:SSL3_GET_RECORD:decryption failed or bad record mac)
The strange thing is that the same application, running on a
different machine, does not have this problem (they have the same
certificate, and I verified that there are no filesystem errors that
would cause the cert to be mangled). My application is linking with
openssl-0.9.8d, running on Debian Linux. It's an Objective-C
program.
Have you this problem on every connection or random ?
If you see this on every connection there is chance that you have
certificate from other key then your private key.
After loading (in your server application) private key and certificate
do you call SSL_CTX_check_private_key() to be sure that you have
good key/certificate pair ?
The errors were consistent: they occurred every time any user
attempted to connect. I restarted the program, and the errors
cleared and did not return: it may have simply been a transient
memory or data corruption of some kind. But I will consider adding a
call to SSL_CTX_check_private_key(). Thank you for the assistance!
--David
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
