DavidTaylor <[EMAIL PROTECTED]>: > I am testing our SSL in client mode and OpenSSL in server mode, with one > export cipher spec enabled as shown in the command below. My question is > why does OpenSSL look for a client certificate? It didn't write a > certificate request message so our SSL didn't send a certificate which > has upset OpenSSL and caused it to close the connection. > The output from OpenSSL is: [...] >> SSL_accept:SSLv3 write key exchange A >> SSL_accept:SSLv3 write server done A >> SSL_accept:SSLv3 flush data >> SSL3 alert read:fatal:bad certificate This doesn't look as if the server actually requested a certificate, which would involve one further state. But the input received from the client apparently looked like a client certificate message. Please run the test again with the "-debug" option to s_server, so that the actual data received by the server can be seen. Since the [EMAIL PROTECTED] mailing list is about TLS standardization, but this problem is about particular implementations, I'm taking this to the OpenSSL mailing list [EMAIL PROTECTED] (subscription requests go to [EMAIL PROTECTED] with "subscribe openssl-users" in the body). Bodo M"oller <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
