rk debug log (using RSA private key) shows me client and
>> server agreed on cipher sent by client cipher list(1).
>> However openssl cipher command (one of 'AES' i think
>> TLS_DH_RSA_WITH_AES_128_CBC_SHA agreed by client/server) doesn't show
>> up this cip
0.9.8 on redhat linux.
First off: "Unknown CA" error from server to client means that *client*
certificate was signed by a CA which the SSL server was not configured
to trust as an issuer of client certificates.
Done a lot of googling but no clear pointers were available yet.
Pleas
key) shows me client and
server agreed on cipher sent by client cipher list(1).
However openssl cipher command (one of 'AES' i think
TLS_DH_RSA_WITH_AES_128_CBC_SHA agreed by client/server) doesn't show
up this cipher. Am not suspecting (so eagerly) unknown ca error is
just because o
I am trying to run the following command:
[root@localhost certs]# openssl s_client -connect localhost:7043 -cert
/opt/openssl-1.0.0a/ssl/
certwork_client/client.crt -key
/opt/openssl-1.0.0a/ssl/certwork_client/client.key -CAfile
/opt/openssl-1.0.0a/ssl/certwork/ca.crt -showcerts -state -verify 2
v
server and opens a socket and calls
>> SSL_Connect(). Server sends his certificate. Client notices that
>> server has a older CA and returns UNKNOWN CA error.
>>
>> At this point can we reuse the socket by cleaning up the old SSL
>> connection and
g to connect to server and opens a socket and calls
> SSL_Connect(). Server sends his certificate. Client notices that
> server has a older CA and returns UNKNOWN CA error.
>
> At this point can we reuse the socket by cleaning up the ol
to server and opens a socket and calls
SSL_Connect(). Server sends his certificate. Client notices that
server has a older CA and returns UNKNOWN CA error.
At this point can we reuse the socket by cleaning up the old SSL
connection and recreating a new one?
--Satish
Hello Dr.Stephen,
The cmd switches I am using are
OpenSSL> s_client -connect :443 -state
-cert leafcert.pem -key
privkey.pem -CAfile nyisobag.pem
Loading 'screen' into random state - done
Enter PEM pass phrase:
840:error:0906D066:PEM routines:PEM_read_bio:bad end
line:.\crypto\pem\pem_lib.c
:736
On Tue, Aug 03, 2004, nathv wrote:
> Hello All,
>
> I am trying to access a server using s_client and I am
> passing the leaf and self signed CA of the server
> through -CAfile switch, but I am still getting the
> error below, any ideas?.
>
> .
> SSL_connect:SSLv3 write certificate verify A
