Hello all, I'm having a little trouble testing out some web services for a client. They have provided us with a couple of pfx certificate files to allow us to authenticate to their web servers. I can import this into IE and connect to the site without any trouble but when I try and use s_client I get handshake errors I'm using the following command: openssl s_client -connect weburl.com/pageIWant:443 -cert TEST35.pem
and get the following. Loading 'screen' into random state - done CONNECTED(00000694) depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU =www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign verify error:num=20:unable to get local issuer certificate verify return:0 3704:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:.\ssl\s3_pkt.c:1057:SSL alert number 48 3704:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:188: I've converted the pfx to a pem with whichever command Google gave me. I'm guessing that this is a problem with the client certificate rather than the server certificate. Does anyone have any pointers? I've had a good Google around and can't quite seem to find anything specific. Many thanks in advance. Felix ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
