I tried to openSSL_add_all_algotithms instead of
SSL_library_init but i am still seeing the same
issue.
--- rajagopalan ramanujam <[EMAIL PROTECTED]>
wrote:
>
> hi,
>
> I have defined SSL_library_init rather then
> openSSL_add_all_algorithms to save memory.
>
> I have turned on DES,RC4 in chipers and MD5,SHA in
> message digest.
>
> Could you let me know what could be problem.
>
> I can connect to www.thawte.com and X509_verify
> is successful. And also i have generated selfsigned
> certificate which are working too.
>
> For Ex: www.google.com:443 i cannot connect,
> i get error (7).
>
>
> --- "Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote:
> > On Fri, Jun 06, 2003, rajagopalan ramanujam wrote:
> >
> > > hi,
> > >
> > > I exported thawte server CA and verisign class3
> > > certificates from the browser for testing and
> > > converted to C structure using x509 -C -in
> xxx.cer
> > >
> > > xxx.C and added to my SSL client. Following is
> the
> > > code below.
> > >
> > > I am calling this function in a loop to load the
> > > certificates:
> > >
> > > unsigned char thawte_cert[791] = {
> > > 0x30,0x82...};
> > >
> > > unsigned char verisign_cert[576] = {
> > > 0x30,0x82...};
> > >
> > >
> > > SSL_load_cert(ctx,thawte_cert,791);
> > > SSL_load_cert(ctx,verisign_cert,576);
> > >
> > >
> > > SSL_load_cert(SSL_CTX *ctx,char *c,int size)
> > > {
> > > x = d2i_X509(NULL,&c,size);
> > > cert_store = SSL_CTX_get_cert_store(ctx);
> > > X509_STORE_add_cert(cert_store,x);
> > > return;
> > > }
> > >
> > > I verified the same certificates in .pem format
> > using
> > > openssl s_client and its connects to
> > > www.paypal.com..but when i connect from my
> client
> > it
> > > gives X509_V_ERR_CERT_SIGNATURE_FAILURE.
> > >
> > > If i try connecting to www.thwate.com:443 it
> works
> > but
> > > it gives the same error when i am trying to
> > connect to
> > > other servers with thawte signed certificates.
> > >
> > >
> > > Can anyone plese let me know what's going on....
> > >
> >
> > Well I could say read the FAQ...
> >
> > Alternatively since I'm feeling in a good mood
> I'll
> > say its probably a missing
> > OpenSSL_add_all_algorithms(). With appologies in
> > advance if it isn't :-)
> >
> > Steve.
> > --
> > Dr Stephen N. Henson.
> > Core developer of the OpenSSL project:
> > http://www.openssl.org/
> > Freelance consultant see:
> > http://www.drh-consultancy.demon.co.uk/
> > Email: [EMAIL PROTECTED], PGP
> key:
> > via homepage.
> >
>
______________________________________________________________________
> > OpenSSL Project
> > http://www.openssl.org
> > User Support Mailing List
> > [EMAIL PROTECTED]
> > Automated List Manager
> [EMAIL PROTECTED]
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Calendar - Free online calendar with sync to
> Outlook(TM).
> http://calendar.yahoo.com
>
______________________________________________________________________
> OpenSSL Project
> http://www.openssl.org
> User Support Mailing List
> [EMAIL PROTECTED]
> Automated List Manager
[EMAIL PROTECTED]
__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
