On Sun, Nov 14, 2010, Timur Elzhov wrote: > Hi, openssl experts! > > It's required to transfer data to Apple Push service that is located at > gateway.sandbox.push.apple.com:2195. I'm given the certificate and private > key both included in Certificate_and_key.pem. Trying to connect: > > $ openssl s_client -connect gateway.sandbox.push.apple.com:2195 -CAfile > > EntrustCA.pem -cert Certificate_and_key.pem > > > Server's certificate is passed successfully (with CA included in > EntrustCA.pem) but the error is following: > > 140735074831484:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert > > certificate unknown:s3_pkt.c:1193:SSL alert number 46 > > 140735074831484:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake > > failure:s23_lib.c:184: > > > I tried to google about alert 46, but found only that "something wrong with > client's certificate". Is it possible to get more details about failure? >
That's all the server sends back. Is that the correct certificate for that server? > > X509v3 Extended Key Usage: critical > > Code Signing > Well the above extension would mean that certificate can only be used for code signing, not SSL client authentication. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
