Hi all,

First of all, a big thanks to Ger Hobbelt for the clues as to why my last problem was happening.
I currently have a different problem that is stumping me. I think that
maybe I have a gap in my knowledge that maybe someone can fill.
I have a problem validating a connection. The sequence of events is as
follows:

System 1:                          System 2:

Server loads CA                    Server loads keys
  SSL_CTX_load_verify_locations      SSL_CTX_use_PrivateKey
Server generates keypair             SSL_CTX_use_certificate
  RSA_generate_key                 Client loads CA
Client loads keys                    SSL_CTX_load_verify_locations
  SSL_CTX_use_PrivateKey           Client generates keypair
  SSL_CTX_use_certificate            RSA_generate_key
Client connects/server accepts     Client connects/server accepts
  SSL_accept                         SSL_accept
  SSL_connect                        SSL_connect
  (until successful)                 (until successful)
Server verifies result             Client verifies result
  SSL_get_verify_result              SSL_get_verify_result
  X509_V_OK                          X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT

In BOTH tests, the same keys and CA file were used, just on different
sides, and so it cannot be a generation issue with the key.
When the server has the CA, it validates the client. When the client
has the CA, it fails for the reason shown.
When both sides have the same certificate, keys, and CA, then again
the client fails to verify.
Am I missing something?
Keys are attached for further information
Thanks
--
Michael Simms
Attachments: rootcert.pem, server.pem, servercert.pem
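
The two verify results named in the sequence above can be reproduced offline with the openssl command-line tool. This is an added example, not part of the original post and not built from its attachments: it generates throwaway certificates (every name and file name in it is constructed) and shows that a leaf issued by the loaded CA yields 0 (X509_V_OK) while a leaf that is its own issuer yields 18 (X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT).

```shell
#!/bin/sh
# Added example. All keys, names and files are constructed throwaways,
# not the attachments from the post. Assumes the openssl CLI is installed.

make_pki() {  # $1 = empty working directory
  d=$1
  # Root CA: the file a peer would pass to SSL_CTX_load_verify_locations.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Root" \
    -keyout "$d/rootkey.pem" -out "$d/rootcert.pem" 2>/dev/null
  # Leaf certificate issued by that root.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=leaf-signed" \
    -keyout "$d/signedkey.pem" -out "$d/signed.csr" 2>/dev/null
  openssl x509 -req -in "$d/signed.csr" -days 1 -CAcreateserial \
    -CA "$d/rootcert.pem" -CAkey "$d/rootkey.pem" \
    -out "$d/signedcert.pem" 2>/dev/null
  # Leaf certificate that is its own issuer (self-signed).
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=leaf-selfsigned" \
    -keyout "$d/selfkey.pem" -out "$d/selfcert.pem" 2>/dev/null
}

# Print the X509_V_* code openssl reports for cert $2 against CA file $1:
# 0 is X509_V_OK, 18 is X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT.
verify_code() {
  out=$(openssl verify -CAfile "$1" "$2" 2>&1) || true
  case "$out" in
    *": OK"*) echo 0 ;;
    *) printf '%s\n' "$out" |
         sed -n 's/.*error \([0-9][0-9]*\) at [0-9][0-9]* depth.*/\1/p' | head -n 1 ;;
  esac
}

# True when subject and issuer names are identical, i.e. the certificate
# names itself as its issuer and cannot chain to a separate CA.
is_self_issued() {
  [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
    "$(openssl x509 -in "$1" -noout -issuer_hash)" ]
}

work=$(mktemp -d)
make_pki "$work"
echo "leaf issued by root: code $(verify_code "$work/rootcert.pem" "$work/signedcert.pem")"
echo "self-signed leaf:    code $(verify_code "$work/rootcert.pem" "$work/selfcert.pem")"
is_self_issued "$work/selfcert.pem" && echo "selfcert.pem: subject == issuer"
rm -rf "$work"
```

The same two functions can be pointed at any CA file and certificate pair to see which of the two cases a given certificate falls into.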
