RE: Using Self-Signed Certificates to create SSL connection.

2012-07-27 Thread Hasan, Rezaul (NSN - US/Arlington Heights)
Great. Thank You  :-)


-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Dave Thompson
Sent: Thursday, July 26, 2012 5:49 PM
To: openssl-users@openssl.org
Subject: RE: Using Self-Signed Certificates to create SSL connection.

From: owner-openssl-us...@openssl.org On Behalf Of Hasan, Rezaul (NSN -
US/Arlington Heights)
Sent: Thursday, 26 July, 2012 12:02

I have created a self-signed CA certificate, a Client certificate and a
Server certificate. I signed the Client and Server certificates with
the self-signed CA certificate and placed all certs in the appropriate
locations. Then attempted to create an SSL connection with
'openssl s_client ..', and get this
Verify return code: 19 (self signed certificate in certificate chain)

Is this an error indicating that the SSL connection failed, or is it
simply a warning? I am guessing it's just a warning, but wanted to confirm.

For s_client, it's a warning. s_client overrides verify errors and 
allows you to continue. Most real apps don't do this and shouldn't, 
so for real apps this will probably be fatal.

... -cert client.crt -key client.key -CApath /root/CERT

Did you put your CA cert in /root/CERT with a symlink from
$subjecthash.$seq, or if you prefer directly under that name?
If not, OpenSSL won't find it.

Alternatively, use -CAfile with all your roots (perhaps only one) in a file.


__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


RE: Using Self-Signed Certificates to create SSL connection.

2012-07-26 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Hasan, Rezaul (NSN -
US/Arlington Heights)
Sent: Thursday, 26 July, 2012 12:02

I have created a self-signed CA certificate, a Client certificate and a
Server certificate. I signed the Client and Server certificates with
the self-signed CA certificate and placed all certs in the appropriate
locations. Then attempted to create an SSL connection with
'openssl s_client ..', and get this
Verify return code: 19 (self signed certificate in certificate chain)

Is this an error indicating that the SSL connection failed, or is it
simply a warning? I am guessing it's just a warning, but wanted to confirm.

For s_client, it's a warning. s_client overrides verify errors and 
allows you to continue. Most real apps don't do this and shouldn't, 
so for real apps this will probably be fatal.

... -cert client.crt -key client.key -CApath /root/CERT

Did you put your CA cert in /root/CERT with a symlink from
$subjecthash.$seq, or if you prefer directly under that name?
If not, OpenSSL won't find it.

Alternatively, use -CAfile with all your roots (perhaps only one) in a file.


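The -CApath lookup and the -CAfile alternative described in the reply above, as an added example that is not part of the original thread: it builds a private CA and a server certificate, then compares the verify result for a directory without the hash link, one with it, and a CA file. The subject names, file names and temporary directory are constructed; -untrusted stands in for a peer that sends its root certificate in the chain.

```shell
#!/bin/sh
# Added example (not from the thread). All names and paths are constructed.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_pki() {
  # Self-signed root CA.
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=Demo Root CA" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
  # Server key and CSR, then a server certificate signed by that CA.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=server.example.test" \
    -keyout "$WORK/server.key" -out "$WORK/server.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/server.csr" -CA "$WORK/ca.crt" \
    -CAkey "$WORK/ca.key" -CAcreateserial -days 30 \
    -out "$WORK/server.crt" 2>/dev/null
}

install_hashed() {  # $1 = directory to be used as -CApath
  mkdir -p "$1"
  cp "$WORK/ca.crt" "$1/ca.crt"
  # A CApath is searched by <subject hash>.<seq>; seq is 0 for the first
  # certificate with that hash.
  h=$(openssl x509 -in "$1/ca.crt" -noout -subject_hash)
  ln -s ca.crt "$1/$h.0"
}

verify_code() {  # args: trust option; prints 0 or the verify error number
  # -untrusted offers the root for chain building without trusting it,
  # as when the peer includes its root in the chain it sends.
  out=$(openssl verify "$@" -untrusted "$WORK/ca.crt" "$WORK/server.crt" 2>&1 || true)
  case $out in
    *": OK"*) echo 0 ;;
    *) printf '%s\n' "$out" | sed -n 's/.*error \([0-9][0-9]*\) at.*/\1/p' | head -n 1 ;;
  esac
}

make_pki
mkdir -p "$WORK/plain" && cp "$WORK/ca.crt" "$WORK/plain/ca.crt"  # no hash link
install_hashed "$WORK/hashed"

echo "CApath without hash link: $(verify_code -CApath "$WORK/plain")"
echo "CApath with hash link:    $(verify_code -CApath "$WORK/hashed")"
echo "CAfile:                   $(verify_code -CAfile "$WORK/ca.crt")"
```

The directory that holds the CA certificate only under its ordinary file name reproduces verify code 19, because the root is seen in the chain but never found as a trust anchor.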