On Tue, May 20, 2014 at 1:04 PM, David Li <dlipub...@gmail.com> wrote:
> Hi,
>
> I am new to openssl programming. My goal is trying to get a simple server
> up and running. I am using OpenSSL 1.0.1e-fips 11 Feb 2013 on Centos6.5.
>
> I am using SSL_CTX_use_certificate_chain_file() to load my server
> certificate files at initialization. The PEM file is created by
> concatenating server cert, server key and CA cert together. I used the
> following command line to check its format and it seemed OK.
>
> $ openssl s_server -cert servercert.pem -www
> Using default temp DH parameters
> Using default temp ECDH parameters
> ACCEPT
>
> And I can use openssl s_client command line to connect to the above server
> without any issues.
>
>
> Now when I started my server, the code crashed inside
> the SSL_CTX_use_certificate_chain_file():
>
> if (SSL_CTX_use_certificate_file(ctx, SERVER_CERT, SSL_FILETYPE_PEM) !=
> 1) {
> int_error("Error loading server certificate");
> }
>
> There wasn't any detailed errors printed out but only:Segmentation fault
> (core dumped)
>
> I searched the old mailing list and on the web but found no clues so far.
>
> Can anyone suggest how to debug this issue?
>
>
The code that you cited doesn't use SSL_CTX_use_certificate_chain_file.
I'm new to this arena, too. However, I don't think the public-key should be
in the trust chain. Make sure that's correct, and that you're only sending
the one certificate into SSL_CTX_use_certificate_file.
Dustin
> Thanks.
>
> David
>
