RE: tlsv1 alert unknown ca

2013-10-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Troyanker, Vlad > Sent: Wednesday, October 02, 2013 20:17 > In response to David: If I do not set VERIFY_PEER flag, then client does > NOT deliver its certificate to server. At least SSL_Peer_Certificate() > returns null. > You do need VERIFY i

Re: tlsv1 alert unknown ca

2013-10-02 Thread Troyanker, Vlad
t;Wim Lewis" wrote: > >On 1 Oct 2013, at 3:00 PM, Troyanker, Vlad wrote: >> PROBLEM: the server fails SSL connection with SSL_accept: tlsv1 alert >>unknown ca >> >> The funny part I cannot even find where in source code that error (code >>SSL_R_TLSV1_ALERT

Re: tlsv1 alert unknown ca

2013-10-01 Thread Wim Lewis
On 1 Oct 2013, at 3:00 PM, Troyanker, Vlad wrote: > PROBLEM: the server fails SSL connection with SSL_accept: tlsv1 alert unknown > ca > > The funny part I cannot even find where in source code that error (code > SSL_R_TLSV1_ALERT_UNKNOWN_CA) gets thrown. I am looking through &

RE: tlsv1 alert unknown ca

2013-10-01 Thread Dave Thompson
wner-openssl-us...@openssl.org] On Behalf Of Troyanker, Vlad Sent: Tuesday, October 01, 2013 18:01 To: openssl-users@openssl.org Subject: tlsv1 alert unknown ca We are building a peer-to-peer system that uses SSL for connection privacy and performs authentication outside of SSL. The system creates s

tlsv1 alert unknown ca

2013-10-01 Thread Troyanker, Vlad
rror signing certificate"); } return x509; } PROBLEM: the server fails SSL connection with SSL_accept: tlsv1 alert unknown ca The funny part I cannot even find where in source code that error (code SSL_R_TLSV1_ALERT_UNKNOWN_CA) gets thrown. I am looking through openssl-1.0.1e/ssl/s3_srvr.c What am I missing? Thank you for your time

Re: all certs in chain validate, get "tlsv1 alert unknown ca"

2009-03-07 Thread Victor Duchovni
On Sat, Mar 07, 2009 at 01:12:38PM -0500, Paul Hart wrote: > Hi, > > I'm running into an issue (with both 0.9.7l and 0.9.8g) where I'm > attempting to connect to a server with a client certificate and what > appears to be a complete chain of server certificates, and yet I'm > still getting the 'u

all certs in chain validate, get "tlsv1 alert unknown ca"

2009-03-07 Thread Paul Hart
Hi, I'm running into an issue (with both 0.9.7l and 0.9.8g) where I'm attempting to connect to a server with a client certificate and what appears to be a complete chain of server certificates, and yet I'm still getting the 'unknown ca' error. My command line is: openssl s_client \  -connect [HO