----hi all , I created a certificate dynamicly in this way (python-twisted
)
dn = ssl.DistinguishedName(commonName="test dn")
dn.inspect() # add by myself
keypair = ssl.KeyPair.generate()
req = keypair.certificateRequest(dn)
def verify(dn):
return True
serialno = 1110
isuser= ssl.DistinguishedName(commonName="test dn") # isuser ->dni
The certificate is not trusted because it is self-signed.
certData = keypair.signCertificateRequest(isuser, req, verify, serialno)
#The certificate is only valid for 'test dn'
cert = keypair.newCertificate(certData)
contextFactory = cert.options()
reactor.listenSSL(9999, EchoFactory(), contextFactory)
--------- test it : openssl s_client -ssl3 -connect 127.0.0.1:9999
got this error :
"
4204:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
failure:s3_pkt.c:1053:SSL alert number 40
4204:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:530: "
--------and then i use tls1 method the error is like this :
"
...TLS 1.0 Handshake [length 0010], Finished...
...
verify error:num=18:self signed certificate "
....
is there any way to make a dynamicly generate certificate to be trusted ?
need help thanks
