RE: HTTPS TLSv1.2 Client-Auth negotiation

2013-12-31 Thread Ben Arnold
luck. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Ben Arnold Sent: Tuesday, December 17, 2013 06:05 To: openssl-users@openssl.org Subject: *** Spam *** HTTPS TLSv1.

HTTPS TLSv1.2 Client-Auth negotiation

2013-12-17 Thread Ben Arnold
Hi, I am using libcurl and OpenSSL to communicate with various webservers, most of which require client authentication. I am having trouble connecting to one server that requires TLSv1.2. After the server has sent a Certificate Request, OpenSSL sends up the client cert (I think) and the serve

RE: ssl handshake failure in 1.0.1 but not 1.0.0

2013-11-12 Thread Ben Arnold
> From: Dave Thompson > > > > Yes, the server has a custom root cert that isn't installed on this > machine. I am happy that the server cert is correct. > > > For testing that's okay, but I hope in real use you are verifying. > Otherwise an active attacker may be able to MITM your connections. Pr

RE: ssl handshake failure in 1.0.1 but not 1.0.0

2013-11-08 Thread Ben Arnold
> From: Viktor Dukhovni > > You can test with s_client(1) and compare results. Is your client > certificate an > RSA certificate? How many bits of public key? Is its signature SHA1 or > SHA256? It's a 2048 bit RSA SHA1 certificate, but I think Dave Thompson's right and it's not getting that f