X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Client, S/MIME Netscape Comment: OpenSSL Generated Certificate
is why it is failing. The server certificate needs: X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Server, S/MIME Netscape Comment: OpenSSL Generated Certificate Or X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Client, SSL Server, S/MIME Netscape Comment: OpenSSL Generated Certificate -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sven Löschner Sent: 28 April 2005 16:26 To: openssl-users@openssl.org Subject: RE: SSLVerifyClient > If you can post the output of: > > openssl x509 -in cert.pem -text -noout Okay, this comes out with the server.pem (I shortend the Algorithm-Tables with "...": Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: md5WithRSAEncryption Issuer: C=DE, ST=test, L=test, O=test, OU=test, CN=test.net/[EMAIL PROTECTED] Validity Not Before: Apr 28 08:10:22 2005 GMT Not After : Apr 28 08:10:22 2006 GMT Subject: C=DE, ST=test, O=test, OU=test, CN=test.net/[EMAIL PROTECTED] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Client, S/MIME Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: CF:EC:79:6E:AA:45:EA:69:8A:1E:61:A6:CB:1D:AA:FC:00:A4:3C:07 X509v3 Authority Key Identifier: keyid:40:83:CD:62:12:94:CD:79:58:E6:AE:C4:8A:DC:82:51:B3:21:64:E9 DirName:/C=DE/ST=test/L=test/O=test/OU=test/CN=test.net/[EMAIL PROTECTED] st.net serial:00 Netscape SSL Server Name: https://www.test.net Signature Algorithm: md5WithRSAEncryption b9:e8.... Bye, Sven ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]