On Thu, Mar 13, 2014 at 12:07:09PM +0530, Harshal Talele wrote:
> I have now added server cert, private key and intermediate certificates
> in one file and reading them using SSL_CTX_use_certificate_chain_file()
> API.
>
> But one thing I want to understand. My server certificate is self-signed.
Thanks Victor.
I believe this was the problem.
I have now added server cert, private key and intermediate certificates in
one file and reading them using SSL_CTX_use_certificate_chain_file() API.
But one thing I want to understand. My server certificate is self-signed.
And intermediate certificat
On Mon, Mar 10, 2014 at 01:38:46PM +0530, Harshal Talele wrote:
> As a matter of fact with use of with use of
> SSL_CTX_use_certificate_chain_file() API SSL handshake continues to fail
You must put all the PEM certificates (leaf certificate and intermediate CAs)
in the *same* file. With the leaf
As a matter of fact with use of with use of
SSL_CTX_use_certificate_chain_file() API SSL handshake continues to fail
with error "
As you have mentioned Victor, I am using SSL_CTX_use_certificate_file() API
to read cert.pem which contains server certificate & private key.
Now I have another file cha
On Sat, Mar 08, 2014 at 08:26:54PM +0530, Harshal Talele wrote:
> In my case cert.pem file contains private key too.
> I wan to understand if I have to be use intermediate certificates in SSL
> handshake is there any specific way in which we have to populate SSL_CTX
> structure?
>
> I have tried
Thank you for your reply Meer.
In my case cert.pem file contains private key too.
I wan to understand if I have to be use intermediate certificates in SSL
handshake is there any specific way in which we have to populate SSL_CTX
structure?
I have tried using SSL_CTX_use_certificate_chain_file() AP
Harshal,
Check parameter 2 on SSL_CTX_use_PrivateKey_file(). It should be a pointer to
the name of the file that contains the private key, not the certificate file.
As an example on my (working) prototype server I use the following:
// Define whatever ciphers you want. I used AES-128. Client
