Hi All, I am using OpenSSL 0.9.8.k. We are using the following function to configure device certificate and private key: SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file().
When SSL_ctx object is loaded with the client certificate and private key using above 2 functions, then TLS handshake fails, even the client hello is not sent to the server and client is closing the connection by sending FIN message. But when this object is not loaded with client certificate and private key then Client hello is sent to server and TLS handshake is successful. Following are the failure logs when client hello is not sent to server: 0529114428|sip |4|00|SSL_connect failed 'error:00000000:lib(0):func(0):reason(0)' 0529114428|sip |4|00|SSL_connect error 5 When the following macro is defined in Opensslconf.h, TLS handshake was successful: #ifndef OPENSSL_NO_TLSEXT # define OPENSSL_NO_TLSEXT #endif Could anyone please let me know why TLS is working on defining this macro? Note: Initially we used openssl 0.9.7d version. On this version we didn’t find the above problem and “OPENSSL_NO_TLSEXT” macro is not available in this version. I am using client certificate with the following options: Version : v3 Signature algorithm : SHA-256 and RSA 1024 bit private key is being used. Regards, Prathima -- View this message in context: http://www.nabble.com/TLS-handshake-is-not-intiated-when-the-SSL-ctx-object-has-client-certificate-and-private-key-on-Openssl-0.9.8k-tp23813018p23813018.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
