You should also provide the server's private key to the "openssl s_server" command. From above, I see that your server's private key is server-key.pem, therefore your command should be something as, openssl s_server -accept *<port number>* -cert *<certificate I create> -key server-key.pem* * * Here server-key.pem would be your server's private key file.
Thanks *Sandeep * On Tue, Aug 18, 2009 at 2:36 AM, vishal saraswat < vishalsaraswat...@gmail.com> wrote: > Hi Serge, > > I followed this link but landed into the same problem. > > I use the following commands to start the server and the client : > > Server: > openssl s_server -accept *<port number>* -cert *<certificate I create>* > > Client: > openssl s_client -connect localhost:*<port number>* > > I was wondering, do I need to do anything specific for client certificate. > > Thanks a lot, > > -Vishal > > > On Tue, Aug 18, 2009 at 1:53 AM, Serge Fonville > <serge.fonvi...@gmail.com>wrote: > >> I forgot, >> >> I used this as examples >> http://www.g-loaded.eu/2005/11/10/be-your-own-ca/ >> >> Also, googling on openssl certificate authority seems to belp >> >> On Tue, Aug 18, 2009 at 10:51 AM, Serge Fonville < >> serge.fonvi...@gmail.com> wrote: >> >>> The request is signed with the ca private key. >>> What command do you use when you start the s_server >>> >>> HTH >>> >>> Regards, >>> >>> Serge Fonville >>> >>> On Tue, Aug 18, 2009 at 10:38 AM, vishal saraswat < >>> vishalsaraswat...@gmail.com> wrote: >>> >>>> Hi, >>>> >>>> To my surprise. I tried the same steps and I am getting a similar kind >>>> of error. >>>> >>>> Please help me as well, if you get a solution. >>>> >>>> Thanks and regards, >>>> Vishal >>>> >>>> >>>> On Tue, Aug 18, 2009 at 1:32 AM, Abhishek Kane <abhishek.k...@gmail.com >>>> > wrote: >>>> >>>>> Hi, >>>>> >>>>> I am using following steps to create Ca & server certificate : >>>>> >>>>> 1. Create CA certificate >>>>> shell> *openssl genrsa 2048 > ca-key.pem* >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> shell> *openssl req -new -x509 -nodes -days 1000 \* >>>>> *-key ca-key.pem > ca-cert.pem* >>>>> >>>>> >>>>> 2. Create server certificate >>>>> shell> *openssl req -newkey rsa:2048 -days 1000 \* >>>>> *-nodes -keyout server-key.pem > server-req.pem* >>>>> shell> *openssl x509 -req -in server-req.pem -days 1000 \* >>>>> *-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > >>>>> server-cert.pem* >>>>> >>>>> Now, the certificates get created without any error. But when i run >>>>> openssl s_server i get following error : >>>>> >>>>> unable to load server certificate private key file >>>>> 4174:error:0906D06C:PEM routines:PEM_read_bio:no start >>>>> line:pem_lib.c:644:Expecting: ANY PRIVATE KEY >>>>> >>>>> Are the steps correct? >>>>> >>>>> Thanks, >>>>> Kane >>>>> >>>> >>>> >>> >> >
