At 12:29 09.07.99 +0200, you wrote:
>Hi All,
>closes the connection (server is set to verify). This sonnection did work
>when I was still using 0.8.1.
>
>Any suggestions?
> // CTX
> ctx = SSL_CTX_new(SSLv23_method());
> // This is newly added to disble TLSv1 (not in 0.8.1 code)
> SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_TLSv1);
> SSL_CTX_set_timeout(ctx, CTX_TIMEOUT);
> SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
> SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
> SSL_CTX_set_verify(ctx, SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER,
>verify_callback);
> SSL_CTX_load_verify_locations(ctx, NULL, CaPath);
> SSL_CTX_set_default_verify_paths(ctx);
>
> // SLL
> ssl = SSL_new(ctx);
> SSL_set_connect_state(lpLink->ssl);
> SSL_set_fd(ssl, Socket); // ..give socket to ssl
> SSL_CTX_use_certificate(ctx, X509_dup(gPubCert));
> SSL_CTX_use_RSAPrivateKey(ctx, RSAPrivateKey_dup(gRsaKey));
use SSL_use_certificate(ssl,gPubCert);
and SSL_use_PrivateKey(ssl,pkey); or SSL_use_RSAPrivateKey(ssl,gRsaKey);
By
Goetz
--
Goetz Babin-Ebell mailto:[EMAIL PROTECTED]
TC Trust Center for Security http://www.trustcenter.de
in Data Networks GmbH Tel.: +49-40-766 29 3301
Am Werder 1 / 21073 Hamburg / Germany Fax.: +49-40-766 29 577
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
