Hello guys!
I'm using a SOAP toolkit called gSoap and this toolkit provide an interface
to create SSL context.
Using tha samples released in the toolkit, i have generated the certificates
using the following command (under Linux):
To create root.pem:
-----------------------------------------------------------
# openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem
# openssl x509 -req -in rootreq.pem -sha1 -extfile openssl.cnf -extensions
v3_ca -signkey rootkey.pem -out cacert.pem -days 1095
# cat cacert.pem rootkey.pem > root.pem
# openssl x509 -subject -issuer -dates -noout -in root.pem
-----------------------------------------------------------
And to create client and server certificates ($1 = just an identifier
[server or client]):
-----------------------------------------------------------
# Create a certificate and signing request
$ openssl req -newkey rsa:1024 -sha1 -keyout ${1}key.pem -out ${1}req.pem
# Sign the certificate with the root CA
$ openssl x509 -req -in ${1}req.pem -sha1 -extfile openssl.cnf -extensions
usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out ${1}cert.pem
-days 1095
$cat ${1}cert.pem ${1}key.pem cacert.pem > ${1}.pem
$openssl x509 -subject -issuer -dates -noout -in ${1}.pem
-----------------------------------------------------------
After this, i followed all the steps to create the SSL context, and the code
(client and server) compiled with no warnings or errors.
But, when the client make a request, the following error is returned:
--------------------------------------------
SSL_ERROR_SSL
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
--------------------------------------------
Am i doing something wrong while generating the certificates?
Thanks for any reply!
--
Best regards,
MaurĂcio Souza Klein.
