Joshua Gerth wrote:
> Hi Ernest,
>
>
>>Hi there, i tryed to compile the beta 3.2 htdig, but without setting
>>"setenv CPPFLAGS -I/usr/include/openssl" configure didn't find ssl.h and
>>htdig tryed to access https sites trough plain HTTP protocol. After
>>setting CPPFLAGS, configure found ssl.h and the prog compiled without
>>errors. But when I run in on an https site it allways dumps core. Here
>>is an example of configuring and running.
>>
>
> Are you able to use the ssl_client directly to contact your ssl enabled
> server. (I can't remember the exact script name, but OpenSSL comes with a
> tool with which you can connect to an ssl enabled server. I think there
> is mention of this in the build notes for 3.2.) If you are able to
> connect then let me know and I can look into this further. Otherwise your
> SSL install is busted.
>
It does work
#> openssl s_client -host www.pobox.sk -port 443
CONNECTED(00000003)
depth=0 /C=SK/ST=Slovakia/L=Banska Bystrica, CSA 25/O=POBOX
s.r.o./OU=Internet Services Dept./CN=*[EMAIL PROTECTED]
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=SK/ST=Slovakia/L=Banska Bystrica, CSA 25/O=POBOX
s.r.o./OU=Internet Services Dept./CN=*[EMAIL PROTECTED]
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=SK/ST=Slovakia/L=Banska Bystrica, CSA 25/O=POBOX
s.r.o./OU=Internet Services Dept./CN=*[EMAIL PROTECTED]
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=SK/ST=Slovakia/L=Banska Bystrica, CSA 25/O=POBOX
s.r.o./OU=Internet Services Dept./CN=*[EMAIL PROTECTED]
i:/C=SK/ST=Slovakia/L=Banska Bystrica/O=SOMI systems
a.s./OU=Certification Dept./CN=SOMI [EMAIL PROTECTED]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICyDCCAjECAQYwDQYJKoZIhvcNAQEEBQAwgagxCzAJBgNVBAYTAlNLMREwDwYD
VQQIEwhTbG92YWtpYTEYMBYGA1UEBxMPQmFuc2thIEJ5c3RyaWNhMRowGAYDVQQK
ExFTT01JIHN5c3RlbXMgYS5zLjEcMBoGA1UECxMTQ2VydGlmaWNhdGlvbiBEZXB0
LjEVMBMGA1UEAxMMU09NSSBzeXN0ZW1zMRswGQYJKoZIhvcNAQkBFgxpbmZvQHNv
bWkuc2swHhcNMDEwNTA5MTAyNDMyWhcNMDMwNTA5MTAyNDMyWjCBrzELMAkGA1UE
BhMCU0sxETAPBgNVBAgTCFNsb3Zha2lhMSAwHgYDVQQHExdCYW5za2EgQnlzdHJp
Y2EsIENTQSAyNTEVMBMGA1UEChMMUE9CT1ggcy5yLm8uMSAwHgYDVQQLExdJbnRl
cm5ldCBTZXJ2aWNlcyBEZXB0LjETMBEGA1UEAxQKKi5wb2JveC5zazEdMBsGCSqG
SIb3DQEJARYOYWRtaW5AcG9ib3guc2swgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
AoGBAPnRghYTQTFLBta519lDYRRvA+f7YDIwKyzniAlK6vOObG5pDJ1cHLkGyaSC
7S7OTKlNF6tGqIKsdkkDqp8UQ2PeyFtFY9vvsl3yNiBQKsXQhfkb8GdO7JMoKef3
TntNwwrkHN+5lMdQAbnecm49tfzhHz/6ZgZq+GznFL/cE0dNAgMBAAEwDQYJKoZI
hvcNAQEEBQADgYEAUVgKkFZE2VZNqUNsUvYXPQcNYLXvoZdKnsE0FcwYVEMhG102
QCDzPHBr3llDUruWER8aArkYyEAXpWJ4GUWca7pdEN3ksnraPCxFB60/8Z230QC4
2X5/Ox8EkHWBv+fyq1/PNxMbQjBXBg8lrSn9WDQmPRpbXuaWG2/nxyE3GXE=
-----END CERTIFICATE-----
subject=/C=SK/ST=Slovakia/L=Banska Bystrica, CSA 25/O=POBOX
s.r.o./OU=Internet Services Dept./CN=*[EMAIL PROTECTED]
issuer=/C=SK/ST=Slovakia/L=Banska Bystrica/O=SOMI systems
a.s./OU=Certification Dept./CN=SOMI [EMAIL PROTECTED]
---
No client certificate CA names sent
---
SSL handshake has read 1272 bytes and written 320 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID:
3410017AA2C54B8E3F6B8E5149AFF0566784A8478EFF44CDA1821E051FEB65CA
Session-ID-ctx:
Master-Key:
7A145AD37B95085845DE0C80AFB5DA08978EA07891FBB328A63A6800497C4864D92E588C892F8BA1826E93053653CB8F
Key-Arg : None
Start Time: 1015832393
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
--
Ernest Beinrohr, OERNii
eAdmin @ AxonPro.sk, http://www.AxonPro.sk
+421-2-62410360, +421-905-241903
HomePage: http://www.oernii.sk
_______________________________________________
htdig-general mailing list <[EMAIL PROTECTED]>
To unsubscribe, send a message to <[EMAIL PROTECTED]> with a
subject of unsubscribe
FAQ: http://htdig.sourceforge.net/FAQ.html
