Re: SSL_VERIFY_PEER and self-signed certificates

2013-06-01 Thread Brice André
Dear Dave, Thanks for your help. I solved my problem and I am very ashamed... I tried with the ssl client command line of my freshly compiled openssl version and got the same error. After investigation, I realised that the official Windows binary client failed too. Thus, I was wondering why it w

RE: SSL_VERIFY_PEER and self-signed certificates

2013-05-31 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brice André > Sent: Friday, 31 May, 2013 06:00 > The problem seems indeed to be located in the call to > X509_STORE_CTX_get1_issuer. In this function, the function > X509_STORE_get_by_subject returns an error. When digging into this > code, the

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-31 Thread Brice André
Hello Dave, Thanks for this info. I compiled my own openssl lib with debug support and started debugging. The problem seems indeed to be located in the call to X509_STORE_CTX_get1_issuer. In this function, the function X509_STORE_get_by_subject returns an error. When digging into this code, the

RE: SSL_VERIFY_PEER and self-signed certificates

2013-05-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brice André > Sent: Thursday, 30 May, 2013 04:08 > I tested [s_client] and it seems to work properly, which, I > suppose, means that the problem resides in my client code. I > copy-pasted the output below. > I think so; see more below. > I jus

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-30 Thread Brice André
Hello, I tested your small program and it seems to work properly, which, I suppose, means that the problem resides in my client code. I copy-pasted the output below. I just found something strange on the server: to write my server code, I followed a tutorial where they initialised a Diffie-Hellman key

RE: SSL_VERIFY_PEER and self-signed certificates

2013-05-29 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brice André > Sent: Wednesday, 29 May, 2013 03:14 > I performed a test yesterday with the instruction > SSL_CTX_use_certificate_file(tx,path_to_file, SSL_FILETYPE_PEM); > replaced by > SSL_CTX_load_verify_locations(ctx, path_to_file, NULL); > >

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-29 Thread Brice André
Hello Jakob, All commands described in my mail are executed from the client. I only try to perform server authentication by certificate, and my problem is that the client is not able to perform this authentication. I think that my server code is ok (but I may be wrong). On the server side, the pr

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-29 Thread Jakob Bohm
Hello, Just a little hint: Your questions would be much clearer if you state, at each step, which end of the connection each thing applies to, like at what end did you call SSL_CTX_load_verify_locations, at what end did you get which error messages etc. I suspect this may be the cause of some con

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-29 Thread Brice André
Hello Dave, Once again, thanks for your help. I performed a test yesterday with the instruction SSL_CTX_use_certificate_file(tx,path_to_file, SSL_FILETYPE_PEM); replaced by SSL_CTX_load_verify_locations(ctx, path_to_file, NULL); Where path_to_file points to my file "server.crt". The function ret

RE: SSL_VERIFY_PEER and self-signed certificates

2013-05-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brice André > Sent: Monday, 27 May, 2013 23:45 > You are right, I am using a self-signed certificate for use by my > server. In fact, I do not perform client authentication in my > application: only the server shall be authenticated by ssl. The

Re: SSL_VERIFY_PEER and self-signed certificates

2013-05-27 Thread Brice André
Hello Dave, Thank you for your answer. You are right, I am using a self-signed certificate for use by my server. In fact, I do not perform client authentication in my application: only the server shall be authenticated by ssl. The client is authenticated by another mechanism. Here is how I gener

RE: SSL_VERIFY_PEER and self-signed certificates

2013-05-27 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brice André > Sent: Monday, 27 May, 2013 14:48 > I am writing a client-server application I plan to > generate my self-signed certificate and to embed it in my client. > To be clear, a self-signed cert for (used by) the server. A self-signed c