Thanks Ted for a quick reply. I can receive data as you suggested. I use this option on s_server. I guess it should do mutual authentication. Correct?
s_server -cert "D:/ssl/src/Keys/usingUIforopenssl/servernewpublic.pem" -key "D:/ssl/src/Keys/usingUIforopenssl/servernewprivate.pem" -CAfile "D:/ssl/src/Keys/usingUIforopenssl/clientnewpublic.pem" -verify 1 -debug -msg Bernhard Fröhlich wrote: > > Deep Chand schrieb: >> Hi, >> >> I have written a test client in java and using openssl s_server to verify >> the connection, mutual authentication. I used keytool to generate >> self-signed certificates (JKS ) and then used keytool UI (freeware) to >> generate the certs in PKICS#12/PEM format for openssl. I use the >> following >> command to run the s_server: >> >> s_server -cert "D:/ssl/src/Keys/usingUIforopenssl/servernewpublic.pem" >> -key >> "D:/ssl/src/Keys/usingUIforopenssl/servernewprivate.pem" -CAfile >> "D:/ssl/src/Keys/usingUIforopenssl/clientnewpublic.pem" -verify 1 -debug >> -msg >> >> The hex dump on server side is very cryptic. From the client after the >> conn >> is established, I send "hello world" to the server which I see on the >> server >> side. I just wanted to know: >> >> Does this mean that the connection is established successfully? >> > Yes. But depending on your s_server options there may have been no or > not all checks on the certificates. So you have successfully tested the > SSL connection, but trouble may still lurk in the certificates... ;) >> How can I send some thing back to the client from s_server to test >> whether >> it can receive the data or not? >> > Type something into s_server? >> Any help is appreciated. >> >> -Deep >> > Hope it helps. > Ted > ;) > > -- > PGP Public Key Information > Download complete Key from http://www.convey.de/ted/tedkey_convey.asc > Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 > > > > -- View this message in context: http://www.nabble.com/how-to-verify-that-connection-to-s_server-is-successful--tf4554815.html#a12999751 Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
