Hi all, I have a self-signed certificate installed on a server with the following extensions fields.
============================================================= Key Usage: Digital Signature, Key Encipherment (a0) -------------------------------------------------------------------------------------------------------------------------- Basic Constraints : Subject Type=End Entity, Path Length Constraint=None -------------------------------------------------------------------------------------------------------------------------- Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2) ============================================================= Now when my client tries to make a TLS connection with this server. The client sends Client Hello and then the server responds with Server Hello(which has the above self-signed certificate). I installed this self-signed certificate with on my client. My client is not able to verify the certificate and is terminating the TLS connection with Alert message(Unknown CA). Could any one please let me know why client is not able to verify the certificate? My client is using openssl version "OpenSSL 1.0.1e". Thanks, Harendra
