On Fri, Mar 29, 2002 at 08:14:19PM +0530, biswaksen wrote:
I have written a client/server code using openssl.
when i am verifying the server certificate on the client side and also the client
certificate on the server side the verification fails.
On the client side ,
SSL_get_verify_result(ssl) returns code 18.
which is :
18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed
certificate
i have the server certificate on the client side and i am using this function in my
client code.
if (SSL_CTX_load_verify_locations(ctx,CERTF,HOME) = 0 ) {
ERR_print_errors_fp(stderr);
exit(3);
}
where CERTF is server certificate and HOME is the certificate path.
i have used verify command to check the server certificate which the server is
sending to the client and the certificate the client is having on its side. this
command gives OK.
then i dont know where is the problem. Please tell me why it fails.
It should work in the way described. Please make sure that you have building
against a recent version of the OpenSSL library, as the option to supply
self signed certificates in the CAfile has only been added recently.
Please also check out, whether the certificate is correctly loaded from
CERTF. HOME is not needed when the certificate in question is already
contained in CERTF. Put only the cert in question into CERTF and set
the CApath argument to NULL for testing.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
