> David Murphy wrote:
>
>
> This works OK in that the SSL handshake succeeds. However I notice in
> the client side that the server has sent the private key to the client
> during the handshake. That didn't seem to right so I tried to put the
> private key into a separate file (and remove it from server.pem) and
> call SSL_CTX_use_PrivateKey_file.
>
> This gives the message :-
>
> x509_check_private_key:key values mismatch
>
> So questions :-
>
> 1. Why is the OpenSSL server sending the private key to the client?
What makes you think it has sent the private key? What it should send is
its DSA certificate which contains the DSA parameters and the public
key.
In DSA p, q, and g are DSA parameters which are public knowledge along
with the public key.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
