Hi, I use standard scheme to send/receive SOAP requests over TLS. On Windows it works good, server receive request from client, it handles correctly. On Linux I have the following error:
SSL_accept:error in SSLv2/v3 read client hello A In the 'verify callback' which I've set in SSL_CTX_set_verify I receive 'store' object which doesn't contain SSL object: X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx()) return NULL. I use the OpenSSL 1.0.1e with fips 2.0.4 both on windows and linux. Here is code fragments how I use OpenSSL soap->ctx = SSL_CTX_new(SSLv23_method()) ... SSL_CTX_set_options(soap->ctx, (SSL_OP_ALL | SSL_OP_NO_SSLv2)); SSL_CTX_set_cipher_list(soap->ctx, m_cipherSuite) SSL_CTX_set_verify(soap->ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, tls_soap_verify_callback); ... soap.ssl = SSL_new(soap->ctx); ... SSL_accept(soap->ssl) This issue on Linux was disappeared when I decided to debug openssl and built it with "debug-rse" flag (I found advice to use it in the internet). Could anybody please help with this issue? What should be corrected in the code to use standard release openssl version instead of debug. I will send additional info if it's needed. Thanks in advance! -- View this message in context: http://openssl.6102.n7.nabble.com/CentOS-5-openssl1-0-1e-SSL-accept-error-in-SSLv2-v3-read-client-hello-A-tp46479.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
