No Subject

Guy Sagy Mon, 23 Apr 2001 16:53:24 -0700
Hi , 

I have created a DSA certificate & private key files for my server with the
following commands , which seems to have ended OK : 

rem Create a new certificate for my CA using a root CA certificate:
openssl req -new -x509 -keyout cakey.pem -out cacert.pem -config openssl.cnf
-newkey dsa:root.pem

rem Create a new certificate request for my server
openssl req -new -keyout servkey.pem -out servreq.pem -days 360 -config
openssl.cnf -newkey dsa:cacert.pem

rem Get my server certificate signed by the CA
openssl ca -policy policy_anything -out servcert.pem -config openssl.cnf
-infiles servreq.pem

And then tried to do application initializations on the SSL library using the
following function: 

SSL_CTX* InitializeSSL( char* password )
{
        SSL_METHOD* pSSLMethod;
        SSL_CTX *pSSLContext;

        SSL_library_init();
        SSL_load_error_strings();

        pSSLMethod = SSLv23_method();
        pSSLContext = SSL_CTX_new( pSSLMethod );

        if ( !(SSL_CTX_use_certificate_file( pSSLContext, "servcert.pem",
SSL_FILETYPE_PEM )))
                Error( "Unable to load certificate file" );

        pass = password;
        SSL_CTX_set_default_passwd_cb( pSSLContext, password_cb );
        if ( !( SSL_CTX_use_PrivateKey_file( pSSLContext, "servkey.pem",
SSL_FILETYPE_PEM )))
                Error( "Unable to load private key" );

        if ( !(SSL_CTX_load_verify_locations( pSSLContext, "cacert.pem", 0 )))
                Error( "Couldn't read CA cert" );

        SSL_CTX_set_verify_depth( pSSLContext, 1 );

        if ( !( RAND_load_file( RANDOM, 1024*1024 )))
                Error( "Couldn't load randomness" );

        return pSSLContext;
}

But the function call SSL_CTX_use_PrivateKey_file(...) above fails internally
inside pem_lib.c , on line 451 , line
PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT) .

Anybody got an idea what might be wrong here with my server key file, or
anything else...?
I am using OpenSSL 0.9.6a on a Windows NT machine.

Thanks,
Guy

Guy Sagy

Residence :  
2600 Netherland Ave. 
Apt. #1923 
Riverdale, New York 10463 
USA

E-mail : [EMAIL PROTECTED]

Residence Tel. : 
(718)548-3673

Office Tel. : 
(212)820-5287


____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
No Subject

Reply via email to
