Dear Sir/Madam,
I have an application which is acting as an SSL server. When the application
loaded the root and intermediate CA files from a CA path, the handshake between
my application and the openssl client failed at the point when my application
was authenticating the client's certificate. But when I bound the root CA and
intermediate CA into a single PEM file and reloaded it from my application, the
handshake was successful. Could anybody help me resolve this issue? Below is a
sample of my application code for loading the CA certificates:
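    /* Requires <stdlib.h> and <openssl/ssl.h>. */

    /* Trust anchors: caFile is a PEM bundle, caPath a directory of CA certs. */
    if (SSL_CTX_load_verify_locations(ctx, caFile, caPath) != 1) {
        exit(EXIT_FAILURE);
    }
    /* Also trust the default system CA file and directory. */
    if (SSL_CTX_set_default_verify_paths(ctx) != 1) {
        exit(EXIT_FAILURE);
    }
    /* The server's own certificate chain and matching private key. */
    if (SSL_CTX_use_certificate_chain_file(ctx, certFile) != 1) {
        exit(EXIT_FAILURE);
    }
    if (SSL_CTX_use_PrivateKey_file(ctx, keyFile, SSL_FILETYPE_PEM) != 1) {
        exit(EXIT_FAILURE);
    }
    /* Require a client certificate and verify it up to chainDepths. */
    SSL_CTX_set_verify_depth(ctx, chainDepths);
    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
                       callback);
    SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);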
Thank you very much!
Bob
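
Added example, not part of the original message and not OpenSSL's own code: a CA file is read in full when it is loaded, but certificates in a CA path are looked up on demand by file name, <subject-name hash>.<n> (for example 1a2b3c4d.0, normally links created by "openssl rehash" or c_rehash). The Python script below, whose helper names are hypothetical, lists PEM certificates in such a directory that have no hash-style entry; it checks the form of the name only, not the hash value.

```python
import os
import re
import sys

# Name form used by OpenSSL's directory lookup: 8 lowercase hex digits,
# a dot, and a sequence number (e.g. "1a2b3c4d.0").
HASH_NAME = re.compile(r"^[0-9a-f]{8}\.\d+$")
PEM_MARK = b"-----BEGIN CERTIFICATE-----"


def has_pem_cert(path):
    """True if the file contains at least one PEM certificate header."""
    with open(path, "rb") as fh:
        return PEM_MARK in fh.read()


def audit_capath(ca_path):
    """Return (reachable, unreachable) lists of certificate files in ca_path.

    reachable:   real files that a hash-style name or link resolves to
    unreachable: PEM certificates present only under a descriptive name,
                 which a CA path lookup will never open
    """
    reachable, named = set(), set()
    for name in os.listdir(ca_path):
        full = os.path.join(ca_path, name)
        if not os.path.isfile(full):      # skips subdirs and dangling links
            continue
        if not has_pem_cert(full):
            continue
        real = os.path.realpath(full)     # follow rehash-style symlinks
        if HASH_NAME.match(name):
            reachable.add(real)
        else:
            named.add(real)
    return sorted(reachable), sorted(named - reachable)


if __name__ == "__main__" and len(sys.argv) == 2:
    # Usage: python audit_capath.py /path/to/capath
    for cert in audit_capath(sys.argv[1])[1]:
        print("no hash-named entry for", cert)
```

"openssl x509 -subject_hash -noout -in <file>" prints the hash that a certificate's entry in the directory must be named after.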
_______________________________________________
openssl-users mailing list