> From: Dave Thompson
> >
> > Yes, the server has a custom root cert that isn't installed on this
> machine. I am happy that the server cert is correct.
> >
> For testing that's okay, but I hope in real use you are verifying.
> Otherwise an active attacker may be able to MITM your connections.
Pr
> From: owner-openssl-users On Behalf Of Ben Arnold
> Sent: Friday, November 08, 2013 10:45
> I have tried using s_client and it fails with the same handshake failure.
Please
> see below.
>
>
> > Attaching a PCAP file of the traffic is much more useful than hex packet
> > dumps.
>
> You're righ
> From: Viktor Dukhovni
>
> You can test with s_client(1) and compare results. Is your client
> certificate an
> RSA certificate? How many bits of public key? Is its signature SHA1 or
> SHA256?
It's a 2048 bit RSA SHA1 certificate, but I think Dave Thompson's right and
it's not getting that f
ing SSL_CTX_set_client_cert_cb to provide the client
> certificate when needed. I have a problem in that OpenSSL 1.0.1e
> does not trigger this callback for all websites that I expect it
> to, only some. Instead on the failing sites there is an SSL
> handshake failure after the client veri
m in that OpenSSL 1.0.1e
> > does not trigger this callback for all websites that I expect it
> > to, only some. Instead on the failing sites there is an SSL
> > handshake failure after the client verifies the server certificate:
>
> You can test with s_client(1) and compa
the failing sites there is an SSL
> handshake failure after the client verifies the server certificate:
You can test with s_client(1) and compare results. Is your client
certificate an RSA certificate? How many bits of public key? Is
its signature SHA1 or SHA256?
> SSL read:
On Sun, Nov 14, 2010, Timur Elzhov wrote:
> Hi, openssl experts!
>
> It's required to transfer data to Apple Push service that is located at
> gateway.sandbox.push.apple.com:2195. I'm given the certificate and private
> key both included in Certificate_and_key.pem. Trying to connect:
>
> $ opens
Hi, openssl experts!
It's required to transfer data to Apple Push service that is located at
gateway.sandbox.push.apple.com:2195. I'm given the certificate and private
key both included in Certificate_and_key.pem. Trying to connect:
$ openssl s_client -connect gateway.sandbox.push.apple.com:2195
On Wed, Jun 24, 2009 at 08:48:28PM -0400, Robert Jacobson wrote:
>
> I'm having a problem with Firefox connecting to a web site at work. I
> found that openssl also has problems with it. I can connect with other
> browsers like IE, Chrome, and Safari.
>
> There is a Firefox bug report, but no
I'm having a problem with Firefox connecting to a web site at work. I found
that openssl also has problems with it. I can connect with other browsers like
IE, Chrome, and Safari.
There is a Firefox bug report, but no one is working on it. See:
https://bugzilla.mozilla.org/show_bug.cgi?id=44
On Fri, Jan 13, 2006, Krishna M Singh wrote:
>
> I remember the SSL stack of Netscape and Firefox are OpenSSL variants.
> Does this mean the same has been fixed in their stacks or is it
> handled by the application itself?.
>
Then you remember incorrectly. Netscape and Firefox use NSS which is
Hi
Thank for the inputs. Disabling TLS removes the problem.
Apart from that i tried following
With the default configuration set and page accessed through Netscape
7.2 the web page is not accessible and when refreshed the page is
accessible. Every time the browser is closed and reopened the sam
On Tue, Jan 10, 2006, Krishna M Singh wrote:
>
> Also when we use SSLv2 only this works fine.. Only with SSLv23 the
> handshake fails. Any ideas or pointers how to proceed further wud be of
> great help..
>
Seems it doesn't support TLS and messes up SSLv3 when the client indicates it
supports T
Hi All
I have written an SSL client that performs SSL handshake with any
webserver and validates the certificate recevied from the Webserver.
With all other site the handshake works pefectly fine and has been
tested with 100's of secure sites..
the SSL handshake between my client and www.harryand
Title: Openssl-0.9.7c changes cause SSL handshake failure
Hi all,
I need some help in figuring out how to solve a SSL handshake failure that started after upgrading (from 0.9.7b) to 0.9.7c. Here are the symptoms:
SSL_connect breaks with SSL_R_MISSING_EXPORT_TMP_RSA_KEY. This happens
Andy Schneider wrote:
>
> Does anyone have any canned code I could steal that does IP address
> validation. I.e. grabs the IP address from the alt subject name and
> compares it against the IP of the incoming socket?
>
No I don't. But in outline you need to extract and decode the subject
alt na
gt;
> Andy S.
>
> > -Original Message-
> > From: Costas Magos [mailto:[EMAIL PROTECTED]]
> > Sent: 04 October 2001 15:40
> > To: [EMAIL PROTECTED]
> > Subject: SSL Handshake Failure !
> > Importance: High
> >
> >
> > Dear all,
> &g
Hi to all,
I'm running an Apache server (1.3.19) with openssl 0.9.6b on Solaris 2.6 /
SPARCclassic platform. Apache serves a site that accesses a database
through various cgi-scripts or through a java applet for more specialized
actions. The database is managed just fine with the cgi-scripts,
Hi,
I'm trying to connect to a site with a self signed certificate. And I
get the below error message. I am able to correctly connect to other
secured sites...
Thanks in advance for the help.
8 /home/pziatek > openssl s_client -connect security.corp.sgi.com:443
-state
SSL_connect:before/connec
Ulf,
I removed the cpp file and everything finally compiled without errors.
Thanks for your continued assistance on this!
Unfortunately, I'm still not able to connect and am still at a loss
as to why. When I run s_client I receive the following:
CONNECTED(0003)
31019:error:140790E3:SSL ro
I am having these problem about the SSL handshake, the stronghold server
return the error code 0x28 (hanshake-failure) after my SSL client program send
the Client_key_exchange (0x16,0x03,0x00,..), Cipher_change_spec
(0x14,0x03,0x00,) and client-hanshake_finished(0x16,0x03,0x00,...). The
Leonid Elbert <[EMAIL PROTECTED]>:
> The following errors I got during a try to connect to a https site.
>> SSLeay>s_client -host www.srd.com -port 443
[...]
>> 4102:error:140790E3:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:224:
It works with
s_client -host www.srd.com -port
Dear sirs,
The following errors I got during a try to connect to a https site.
>
>SSLeay>s_client -host www.srd.com -port 443
>CONNECTED(0003)
>depth=0 /C=US/ST=Ohio/L=Columbus/O=Securities Registration Depository,
>Inc./OU=Securities Registration Depository
>, Inc./CN=www.srd.com
>verify erro
23 matches
Mail list logo