Hi !!! I want to restrict access to some inetd services (ie telnet/pop/imap) on one of my servers to some users over the Net. Using Redhat, I've allready have installed apache 1.3.4 + mod_ssl 2.2.2 (apache-mod_ssl-1.3.4-2.2.2-0.i386.rpm) and SSLeay 0.9b (SSLeay-0.9.0b-4.i386.rpm + SSLeay-devel-0.9.0b-4.i386.rpm). I used SSLeay tool CA.sh to build a private CA. I generated some certificates for selected users. and the hash was done on the dir with all the certs. Since existing packages 'sslwrap' and 'stunnel' doesn't seems to use CApath/CAfile, I start to play with both s_client/s_server. s_server continue connection even when client doesn't provide a certificate (good) But got in server messages: "unable to get local issuer certificate" Even when the client use a cert from the generated :-| Worse, it accept all connection when the client provide a cert even when it is not in the certificates directory. (bad). Any help !!! +---------------------------------------------+ | | S.L.I.B | | ____[_]____ | 5 Place Charles B�raudier | | (. .) | 69428 Lyon Cedex 03 | +-oOOo--(_)--oOOo-----------------------------+ | Tel: 0472367723 | | Henri Gomez [EMAIL PROTECTED] Fax: 0472367778 | +---------------------------------------------+ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
