:
BEGIN CERTIFICATE-
-END CERTIFICATE-
Can two certificates be presented to a client which will identify the
chained certificate to be verified ?
Regards.
--
View this message in context: http://openssl.6102.n7.nabble.com/2-Server-
certificates-tp50872p50937.html
Sent
On 6/13/2014 3:15 AM, nicolas@free.fr wrote:
the fact is a server can only send a single certificate, however this one can
be signed by multiple CAs
I wish. Unfortunately, it's a single certificate, signed by a single
CA. Which itself can be signed by another single CA, and so on until
-
Can two certificates be presented to a client which will identify the
chained certificate to be verified ?
Regards.
--
View this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872p50937.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
CERTIFICATE-
Regards.
- Original Message -
From: nicolas@free.fr
To: openssl-users@openssl.org
Date: Fri, 13 Jun 2014 02:02:51 +0200 (CEST)
Subject: Re : Re: Re : Re: 2 Server certificates
Hi,
sorry for the first answer, I didn't read in details :-/
looking at your certificate chain
: Re: 2 Server certificates
Hi Nicolas,
pit-ca issued another certificate to a client wanting to connect to the same
server identified by secure.payerspot.com.
I'm looking for a solution allowing two clients to connect to the same
server using certificates issued by different CAs.
In this case
!
- Mail d'origine -
De: Hafedh TRIMECHE hafedh.trime...@gmail.com
À: openssl-users@openssl.org
Envoyé: Fri, 13 Jun 2014 10:22:46 +0200 (CEST)
Objet: Re: Re : Re: Re : Re: 2 Server certificates
Hi Nicolas,
pit-ca issued another certificate to a client wanting to connect to the same
server
this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http
Yes,
The client certificate is excepted.
- Original Message -
From: Saurabh Pandya er.saurabhpan...@gmail.com
To: openssl-users openssl-users@openssl.org
Date: Thu, 12 Jun 2014 12:05:09 +0530
Subject: Re: 2 Server certificates
To handle CA cert chain, you can use
return code: 21 (unable to verify the first certificate)
--
View this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872p50877.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
:49:49 +0200 (CEST)
Objet: Re: 2 Server certificates
I used this pascal procedure to handle other CAs
procedure TWEBStandaloneServer.InsertCA(CA,Root:UnicodeString);
var
x509 : pX509;
begin
{ The next four functions are only useful for TLS/SSL servers.
f_SSL_CTX_add_client_CA
help because the certificates are stored
in blob not in files.
Regards
--
View this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872p50889.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
unknown
Regards
--
View this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project
can't help because the certificates are stored in
blob not in files.
Regards
- Original Message -
From: nicolas@free.fr
To: openssl-users@openssl.org
Date: Thu, 12 Jun 2014 16:22:36 +0200 (CEST)
Subject: Re : Re: 2 Server certificates
Hi
it seems that you could use the following
Envoyé: Thu, 12 Jun 2014 16:39:23 +0200 (CEST)
Objet: Re: Re : Re: 2 Server certificates
Hi Nico,
As described in OpenSSL documentation the 2 functions are equivalent:
SSL_set_client_CA_list() sets the list of CAs sent to the client when
requesting a client certificate for the chosen ssl
- SSL_CTX_add_client_CA
to avoid the error 14094416 certificate unknown
Regards
--
View this message in context:
http://openssl.6102.n7.nabble.com/2-Server-certificates-tp50872.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
15 matches
Mail list logo