The "Client does not have certificate" message is from serv and is expected if you're using cli as the client. It's not part of your error. What exactly are you using as arguments for SSL_set_cipher_list()? The old SSLeay_add_ssl_algorithms() was supposed to do that... It looks as though you have a problem here, since you're getting "SSL connection using (NONE)". That should be something like "SSL connection using DES-CBC3-MD5." SSL_CTX_load_verify_locations() is only meaningful if you have also done a SSL_CTX_set_verify() with VERIFY_PEER. -----Original Message----- From: Tugrul Bingol [mailto:[EMAIL PROTECTED]] Sent: Monday, March 27, 2000 8:42 PM To: Richard Levitte - VMS Whacker Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Creating CA certificates file Richard Levitte - VMS Whacker wrote: From: Tugrul Bingol <[EMAIL PROTECTED]> Subject: Re: Creating CA certificates file Date: Mon, 27 Mar 2000 14:19:36 -0800 Message-ID: <[EMAIL PROTECTED]> bingol> bingol> Thanks for the answers but I still couldn't solve my problem. bingol> bingol> bingol> I get the following error message from demo server on Irix. bingol> bingol> ---------------------------------------------------------------- bingol> Connection from a39a2264, port 935 bingol> SSL connection using (NONE) What does NONE mean? I assume your program outputs that. Oops, sorry! It was the output of ..../demos/serv.cpp bingol> Client does not have certificate. Looks like you've enabled client verify, meaning the client must send a client certificate to your program... bingol> 164984:error:140780E5:SSL routines:SSL23_READ:ssl handshake bingol> failure:s23_lib.c:186: That's the concequence of trying to run the client without a client cert if the server requires the client to send a cert... Hope that helped... Thanks for the answer but I didn't enable the client verify. I just added SSL_set_cipher_list(..) to both client and server and SSL_CTX_load_verify_locations(...) to client. Somehow, an error occurs during the handshake but I cannot figure out the reason of that error. Could anyone run demo programs succesfully? If so, can you give me a pointer? Thanks. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team Unsolicited commercial email is subject to an archival fee of $400. See < http://www.stacken.kth.se/~levitte/mail/ <http://www.stacken.kth.se/~levitte/mail/> > for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
