Hi All,
I have created a self-signed CA certificate, a Client certificate and a
Server certificate. I signed the Client and Server certificates with the
self-signed CA certificate and placed all certs in the appropriate
locations. I then attempted to create an SSL connection with 'openssl
s_client ....', and got this:
Verify return code: 19 (self signed certificate in certificate chain)
Is this an error indicating that the SSL connection failed, or is it
simply a "warning"? I am guessing it's just a warning, but wanted to
confirm...
[root@eLite1 CERT]# openssl s_client -connect 80.1.0.1:443 -ssl3 -cert client.crt -key client.key -CApath /root/CERT
CONNECTED(00000003)
depth=1 /C=US/ST=TX/L=FTW/O=NSN/CN=82.1.0.1
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=US/ST=TX/L=FTW/O=NSN/CN=80.1.0.1
i:/C=US/ST=TX/L=FTW/O=NSN/CN=82.1.0.1
1 s:/C=US/ST=TX/L=FTW/O=NSN/CN=82.1.0.1
i:/C=US/ST=TX/L=FTW/O=NSN/CN=82.1.0.1
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFBjCCAu4CAQEwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCVVMxCzAJBgNV
...
PZ6ww2xA989bF2G1zvHwJZsdSJOCuz/ueZ760XTdhPy8PCPbU+W9JNpv
-----END CERTIFICATE-----
subject=/C=US/ST=TX/L=FTW/O=NSN/CN=80.1.0.1
issuer=/C=US/ST=TX/L=FTW/O=NSN/CN=82.1.0.1
---
No client certificate CA names sent
---
SSL handshake has read 2998 bytes and written 709 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 4096 bit
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : SSLv3
Cipher : AES256-SHA
Session-ID:
E09D355918C3C05C10A4B7E41BA223EA5F43A725457FB14470F727F1FE447ECD
Session-ID-ctx:
Master-Key:
CCB3A02A4D9F090F140EFF30D18E5E82F653C77C8A66A439F4AA3E1F485713043F4AE0BE
FFEB97F98D470DFD10554A20
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1343273949
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
closed
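
Added example, not part of the original post: a local reproduction of verify code 19 with throwaway certificates, and one way it clears. It assumes (the post does not confirm this) that the CA file was copied into the -CApath directory without the <subject-hash>.0 link that OpenSSL looks up there; demo-ca, demo-server and all file names are constructed.

```shell
#!/bin/sh
# Added example. demo-ca, demo-server and all file names are constructed.

make_pki() {        # $1 = work dir: self-signed CA plus one leaf signed by it
    mkdir -p "$1/capath"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=demo-server" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/server.crt" 2>/dev/null
    # Assumption: the CA file sits in the -CApath directory under its own name.
    cp "$1/ca.crt" "$1/capath/ca.crt"
}

verify_chain() {    # $1 = work dir: the peer supplies leaf + CA, as in the post
    openssl verify -CApath "$1/capath" -untrusted "$1/ca.crt" \
        "$1/server.crt" 2>&1
}

rehash_capath() {   # $1 = work dir: add the <subject-hash>.0 link -CApath needs
    h=$(openssl x509 -noout -hash -in "$1/capath/ca.crt")
    ln -sf ca.crt "$1/capath/$h.0"
}

work=$(mktemp -d)
make_pki "$work"
echo "== CA present in CApath, but not hash-named =="
verify_chain "$work"
rehash_capath "$work"
echo "== after adding the hash link =="
verify_chain "$work"
rm -rf "$work"
```

openssl s_client reports the same code in its "Verify return code" line, and it carries on with the handshake after a verification failure unless -verify_return_error is given.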