Re: OpenSSL and CA
My code is working now, but verification exchange doesn't work!Can I paste code on a paste site where you can read it and help me?Thanks2006/10/7, Vincenzo Sciarra [EMAIL PROTECTED]:Very Very Usefull Thanks.My client is working. Now I'm starting to develop server!VincenzoBernhard Froehlich ha scritto: Vincenzo Sciarra wrote: I want to verify that a client certificate is issued by an acceptable CA. Thanks You'd do it the same way as verifying that the server's CA is acceptable. Would be something like* Setting a CA-file or a CA directory containing the acceptable CAs into the context with SSL_CTX_load_verify_locations* Setting mode ***SSL_VERIFY_PEER* with SSL_CTX_set_verify* Possibly also set a callback with SSL_CTX_set_verify or useSSL_get_peer_certificate to check for extensions (for example to do OCSP or CRL checking) Hope it helps. Ted ;)
[no subject]
How low will we go? Check out Yahoo! Messengers low PC-to-Phone call rates.
Openssl Error + Apache
Hi there ~ I have an Apache installation running mod_ssl and would like to setup another VirtualHost that runs under SSL on a different port (e.g. 8443). The default site on port 443 is running fine with SSL. The new certificate I have installed for the second site appears to be incorrect or the version of OpenSSL I have is not up to date. This causes Apache to crash. Can someone look at the error(s) below and please tell me where to start or how to fix it? Errors: [Fri Oct 6 13:37:21 2006] [error] mod_ssl: Init: Unable to read server certificate from file /apache/conf /mycertificatename.crt (OpenSSL library error follows) [Fri Oct 6 13:37:21 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Fri Oct 6 13:37:21 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Thanks in advance Gary __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]