Thanks Ted for a quick reply. I can receive data as you suggested. I use this
option on s_server. I guess it should do mutual authentication. Correct?

s_server -cert "D:/ssl/src/Keys/usingUIforopenssl/servernewpublic.pem" -key
"D:/ssl/src/Keys/usingUIforopenssl/servernewprivate.pem" -CAfile
"D:/ssl/src/Keys/usingUIforopenssl/clientnewpublic.pem" -verify 1 -debug
-msg 



Bernhard Fröhlich wrote:
> 
> Deep Chand schrieb:
>> Hi,
>>
>> I have written a test client in java and using openssl s_server to verify
>> the connection, mutual authentication. I used keytool to generate
>> self-signed certificates (JKS ) and then used keytool UI (freeware) to
>> generate the certs in PKICS#12/PEM format for openssl. I use the
>> following
>> command to run the s_server: 
>>
>> s_server -cert "D:/ssl/src/Keys/usingUIforopenssl/servernewpublic.pem"
>> -key
>> "D:/ssl/src/Keys/usingUIforopenssl/servernewprivate.pem" -CAfile
>> "D:/ssl/src/Keys/usingUIforopenssl/clientnewpublic.pem" -verify 1 -debug
>> -msg 
>>
>> The hex dump on server side is very cryptic. From the client after the
>> conn
>> is established, I send "hello world" to the server which I see on the
>> server
>> side. I just wanted to know:
>>
>> Does this mean that the connection is established successfully?
>>   
> Yes. But depending on your s_server options there may have been no or 
> not all checks on the certificates. So you have successfully tested the 
> SSL connection, but trouble may still lurk in the certificates... ;)
>> How can I send some thing back to the client from s_server to test
>> whether
>> it can receive the data or not?
>>   
> Type something into s_server?
>> Any help is appreciated.
>>
>> -Deep
>>   
> Hope it helps.
> Ted
> ;)
> 
> -- 
> PGP Public Key Information
> Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
> Key fingerprint = 31B0 E029 BCF9 6605 DAC1  B2E1 0CC8 70F4 7AFB 8D26
> 
> 
>  
> 

-- 
View this message in context: 
http://www.nabble.com/how-to-verify-that-connection-to-s_server-is-successful--tf4554815.html#a12999751
Sent from the OpenSSL - User mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to