|
Thank you for your reply.
If I understand what you are saying, could I fix this by
modifying s_client so that it doesn't attempt to verify the server
chain?
As far as I
can see 156.77.100.189:443 doesn't send its full certificate chain =>
OpenSSL can't verify the server certificate. (Would be nice with a working
verify option...) Connecting with Netscape works fine because the issuer
(RSA Data Security, Secure Server Certification Authority) is in its local
db. Also, connecting with other applications which doesn't verify the chain
works ok.
Patrik
paul anderson wrote:
I am
having a problem using openssl s_client to connect to the following
server: 156.77.100.189:443 When I try
to connect, I get an ssl handshake failure. I suspect this has
something to do with the fact that I am using the supplied test
certificates, but being a total ssl newcomer, I don't really
know. This is the command I have been running
in the apps directory: ./openssl s_client
-connect 156.77.100.189:443 -cert ./client.pem This works just fine for a few other addresses (208.213.98.243,
193.67.236.124), but I get the following error for that particular
server: "12974:error:140790E5:SSL
routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:203:" Any help would be
greatly appreciated.
|
