Hi
Thanks for the reply. I was able to resolve the time issue.
But now the next failure is occurring in the function
"ssl3_send_client_key_exchange" in which the function RAND_Bytes is failing.
Debugging it further, the function
"ssleay_rand_bytes" is failing due to the line
(ok = (entropy >= ENTROPY_NEEDED);
Where value of entropy is 0
Please help to identify/resolve the possible cause.
Regards
Anuradha Gupta
Technical Leader
Ext : 5107
Mobile : 9811814731
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen
Henson
Sent: Saturday, June 28, 2008 3:56 PM
To: openssl-users@openssl.org
Subject: Re: Can not establish TLS connection with Client on VxWorks andServer
on Linux
On Sat, Jun 28, 2008, Anuradha Gupta wrote:
> Hi
>
> I have ported SSL / Crypto librarries on VxWorks and linked with my
> application. Thus the client is running on VxWorks (pentium) and server is
> running on Linux machine.
> When Client side does SSL_Connect , then it fails while validating the server
> certificates. Partucularly on function X509_cmp_time.
> What is the significance of comparing the timestamps and how to resolve the
> issue.
> What are the chages required on the client side so that the compare time
> function returns success. Both client and server are referring the same set
> of RSA certificates.
>
The function is used to determine if any certificate(s) in the chain have
expired.
I'd suggest you try using openssl verify on the chain of the server.
If the time is wrong on one machine or the certificate has an invalid time
this could happen.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
"DISCLAIMER: This message is proprietary to Aricent and is intended solely for
the use of the individual to whom it is addressed. It may contain privileged or
confidential information and should not be circulated or used for any purpose
other than for what it is intended. If you have received this message in
error,please notify the originator immediately. If you are not the intended
recipient, you are notified that you are strictly prohibited from using,
copying, altering, or disclosing the contents of this message. Aricent accepts
no responsibility forloss or damage arising from the use of the information
transmitted by this email including damage from virus."
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
