Hi you all, I'm developing an ssl client with server authentification. It works allright but it doesn't authentificate the server because: I tried: openssl s_client -verify 2 -CAfile vsignss.pem www.theserver.com:443 it connects to the server and gives back no error messages. Fine, the server has been authentificated!! Using the example code from the SSL gadget from www.darkspell.com I tried to do the same. The first difference is that openssl can perform the authentification with .pem files, while in the example code I use you need a .der file. Though darkspell has a trick to get a lot of .der files from netscape I didn't got it to work, so I only have one .der file which I downloaded from thawte. This der file doesn't authentificate the server :-(. I know that the CA the server uses is the same as in the file /certs/vsignss.pem because openssl can authentificate it using this file. So how can I get a pem file to be a .der file, so that my code can authentificate the server.? Are there other ways to get .der files? openssl s_client works fine with the CApath option, why can't I use it with the code from darkspell? Note: Using: cc, Irix, Silicon graphics, openssl 0.9.5a. Note2: If you have problems with the code from darkspell, I found some stupid bugs (like missing ";"). I can tell you if you want. Thanks a lot. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
