Re: 1.0.1beta1, incompatibility with gnutls?
On 03/08/2012 11:05 PM, David Holmes wrote: I'm trying to use openssl 1.0.1beta1 s_server with gnutls 2.4.1 (gnutls-cli). s_server is complaining of an unknown extension (see debug output below). Isn't it the client after the serverhello response? you might want to add -debug and -msg to see the s_server response to what s_server responds and why the client aborts. regarding my earlier hasty message today: the illegal hostname 17.0.0.1 is not a problem in s_server. (I still haven't passed all ent certification) :-) Openssl 0.9.8h works just fine though. Is this a known issue? ./openssl s_server -key src/data/server.key -cert src/data/server.crt -tlsextdebug Using default temp DH parameters Using default temp ECDH parameters ACCEPT TLS client extension unknown (id=9), len=3 - 02 00 01 ... TLS client extension server name (id=0), len=14 - 00 0c 00 00 09 31 32 37-2e 30 2e 30 2e 31 .127.0.0.1 ERROR 4150167176:error:14094456:SSL routines:SSL3_READ_BYTES:tlsv1 unsupported extension:s3_pkt.c:1240:SSL alert number 110 shutting down SSL CONNECTION CLOSED ACCEPT David Holmes | Technical Marketing Manager - Security F5 Networks P 206.272. F 206.272.5556 www.f5.com D 206.272.6740 Follow @dholmesf5 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: 1.0.1beta1, incompatibility with gnutls?
On 03/08/2012 11:05 PM, David Holmes wrote: I'm trying to use openssl 1.0.1beta1 s_server with gnutls 2.4.1 (gnutls-cli). s_server is complaining of an unknown extension (see debug output below). Openssl 0.9.8h works just fine though. Is this a known issue? try beta3, should work better. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL FIPS Object Module v1.2
On 03/08/2012 08:49 PM, Ashit Vora wrote: Steve, First let me clarify that it isn't my intent to challenge OpenSSL validation. In fact the reason I started down this path is because I have a product that uses v1.2 and needs to claim FIPS compliance. I cannot legitimately make that claim if v1.2 is not listed. However I have sent a query to CMVP to get clarification. If CMVP says I am mistaken, I will be extremely happy. Only the CMVP can speak authoritatively about FIPS 140-2, so filing an challenge with them is exactly the right thing to do if you have concerns. It's always possible that the judgment of two test labs (and myself) was completely wrong. In the meantime, your response did not address the CMVP FAQ I pointed to which backs up what I am saying. I am reproducing it here again: ///When a module is validated, an entry is posted on the CMVP web site valuation list along with a softcopy of the initial printed validation certificate. The hardcopy validation certificate is for informational purposes only. The CMVP web site validation list is the official source of validation information in reference to the module. If changes are made to the module that would change the referenced certificate information, only the web site validation list is updated. /This clearly indicates that the CMVP website is the official source of validation information. This infers that the version listed on the validation website is the validated version. Do you interpret this differently? I do, in that I do not see revocation or repudiation of any previously validated modules for validation #1051. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL FIPS Object Module v1.2
Steve, Please see response from Randy (CMVP Director) below. It clearly indicates older versions (including v1.2) are no longer considered validated since they are not listed on the website: *Ashit, You can always view the change history by downloading the CMVP Validation DB from: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140-1val.zip For Cert. #1051: 11/20/09: Added new OS and updated Security Policy. 12/08/10: Replaced SW v1.2.2 and updated Security Policy. 05/12/11: Replaced SW 1.2.2 with 1.2.3, added OE Android 2.2 (gcc Compiler Version 4.4.0); VxWorks 6.7 (gcc Compiler Version 4.1.2), added Triple-DES #1011 and #1066, AES #1534 and #1630, DSA #475 and #512, SHS #1362 and #1435, HMAC #892 and #957, RSA #745 and #804, RNG #826 and #873, and updated Security Policy. 03/07/12: Added OEs Wind River 1.4 (gcc Compiler Version 3.4.0) and Wind River 4.0 (gcc Compiler Version 4.4.1). Added Triple-DES #1259, AES #1933, DSA #616, SHS #1698, HMAC #1167, RSA #999 and RNG #1018. Updated security policy. The vendor/testing laboratory indicates when a change request is sent to the CMVP, whether the new version is added to the current or replaces the current. As the lab/vendor knows, validation is version specific. So if they replace a version, that means anyone who has that version now has a non-validated version. We usually ask the lab when they ask for a replacement to make sure they know what they are asking. So for this module, only v1.2.3 is valid. I cannot provide additional details regarding the nature of the change requests themselves as that is proprietary information. Suggest you may ask the vendor. Randy Randall J. Easter Director Cryptographic Module Validation Program (CMVP) - NIST Computer Security Division - Security Testing, Validation and Measurement Group 100 Bureau Drive, Suite 8930 Gaithersburg, MD 20899 301-975-4641 (Voice) 301-975-4007 (FAX) www.nist.gov/cmvp* Given this do you plan to get the certificate updated with older version (I really care about v1.2 only right now)? Thanks! -Ashit On Fri, Mar 9, 2012 at 7:34 AM, Steve Marquess marqu...@opensslfoundation.com wrote: On 03/08/2012 08:49 PM, Ashit Vora wrote: Steve, First let me clarify that it isn't my intent to challenge OpenSSL validation. In fact the reason I started down this path is because I have a product that uses v1.2 and needs to claim FIPS compliance. I cannot legitimately make that claim if v1.2 is not listed. However I have sent a query to CMVP to get clarification. If CMVP says I am mistaken, I will be extremely happy. Only the CMVP can speak authoritatively about FIPS 140-2, so filing an challenge with them is exactly the right thing to do if you have concerns. It's always possible that the judgment of two test labs (and myself) was completely wrong. In the meantime, your response did not address the CMVP FAQ I pointed to which backs up what I am saying. I am reproducing it here again: ///When a module is validated, an entry is posted on the CMVP web site valuation list along with a softcopy of the initial printed validation certificate. The hardcopy validation certificate is for informational purposes only. The CMVP web site validation list is the official source of validation information in reference to the module. If changes are made to the module that would change the referenced certificate information, only the web site validation list is updated. /This clearly indicates that the CMVP website is the official source of validation information. This infers that the version listed on the validation website is the validated version. Do you interpret this differently? I do, in that I do not see revocation or repudiation of any previously validated modules for validation #1051. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net
Re: OpenSSL for Linux
This is an older Apache version that uses a few low level variables directly of which one changed in the more recent versions of OpenSSL. Woody The following changes in Apache 2.0.x line will allow it to compile and run: diff -uNrp httpd-2.0.63-orig/modules/ssl/ssl_engine_init.c httpd-2.0.63/modules/ssl/ssl_engine_init.c --- httpd-2.0.63-orig/modules/ssl/ssl_engine_init.c2012-02-22 15:02:26.0 -0700 +++ httpd-2.0.63/modules/ssl/ssl_engine_init.c2012-02-22 14:57:39.0 -0700 @@ -626,7 +626,7 @@ static void ssl_init_ctx_verify(server_r ssl_die(); } -SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list); +SSL_CTX_set_client_CA_list(ctx, (_STACK *)ca_list); } /* diff -uNrp httpd-2.0.63-orig/modules/ssl/ssl_util_ssl.c httpd-2.0.63/modules/ssl/ssl_util_ssl.c --- httpd-2.0.63-orig/modules/ssl/ssl_util_ssl.c2006-07-12 01:40:55.0 -0600 +++ httpd-2.0.63/modules/ssl/ssl_util_ssl.c2012-02-22 14:57:39.0 -0700 @@ -466,7 +466,7 @@ int SSL_CTX_use_certificate_chain( X509 *x509; unsigned long err; int n; -STACK *extra_certs; +_STACK *extra_certs; if ((bio = BIO_new(BIO_s_file_internal())) == NULL) return -1; Mohamed Riyazudeen wrote on 03/08/2012 01:13 AM: Hi, We are using openssl1.0.0g for windows. But when we tried to use same for Linux, we are running into issue while compiling SSL module. And we found that the issue in Apache2.0.63 and openssl1.0.0g integration http://serverfault.com/questions/159883/installing-apache-with-openssl https://issues.apache.org/bugzilla/show_bug.cgi?id=49034 https://issues.apache.org/bugzilla/show_bug.cgi?id=47578 So we used openssl0.9.8s and its working fine. Can we use 0.9.8s for Linux? Is there any vulnerability in openssl0.9.8s? Regards, Riyaz -- Gatewood Green Principal Software Engineer NitroSecurity, now part of McAfee o: 2085528269 c: 2082067455 e: gatewood_gr...@mcafee.com w: http://www.nitrosecurity.com/ Imagine, if you will, a world in which there are no hypothetical situations... signature.asc Description: OpenPGP digital signature
RE: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop
I think I'll probably have to jump off that bridge when I get to it, but to make progress I'm going to try to get something going in the interim. I think I'll post some code (I suspect that the padding provided by the capi encrypt/decrypt is somehow different than what openssl is doing - the ms docs are woefully inadequate) but if anyone has pointers on information on how to use the capi engine, I'd greatly appreciate it, thanks! ... N --- Nou Dadoun ndad...@teradici.com 604-628-1215 -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: March 8, 2012 1:55 PM To: openssl-users@openssl.org Subject: Re: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop On Thu, Mar 08, 2012, Nou Dadoun wrote: Thanks for the response, I'm trying to allow end-users to use commercially purchased certificates so I'd rather not make the assumption that the key is exportable. Using the capi engine sounds like a viable alternative, but I've had trouble tracking down details on how to use it. Unfortunately I have a few restrictions; we're fips-certified on openssl 0.98n so that's the version I'm stuck with (without recertifying). I also want to use the crypto api directly to tell it which certificate to load and use (i.e. user configurable through a gpo setting) and then have the engine use that certificate for the ssl handshake to the peer. I've read the O'Reilly section on Engines but it's pretty rudimentary and doesn't touch the capi engine, do you have a pointer to any user documentation that might have some examples on using the capi engine? If you need all crypto to be FIPS compliant (for some value of compliant) that's a can of worms because the relevant CSPs might not be and you'd be mixing various cryptographic operations across boundaries. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop
On Fri, Mar 09, 2012, Nou Dadoun wrote: I think I'll probably have to jump off that bridge when I get to it, but to make progress I'm going to try to get something going in the interim. I think I'll post some code (I suspect that the padding provided by the capi encrypt/decrypt is somehow different than what openssl is doing - the ms docs are woefully inadequate) but if anyone has pointers on information on how to use the capi engine, I'd greatly appreciate it, thanks! ... N You can actually use the capi ENGINE from the command line to perform private key operations. You specify -engine capi -inform/-keyform engine and the input key parameter can take several forms. The default is a string from the corresponding certificate DN so if it has CN=steve then steve would do. At an API level you use ENGINE_load_private_key(steve) which returns an EVP_PKEY structure which can then be used like any other private key. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL FIPS Object Module v1.2
On 03/09/2012 11:18 AM, Ashit Vora wrote: Steve, Please see response from Randy (CMVP Director) below. It clearly indicates older versions (including v1.2) are no longer considered validated since they are not listed on the website: Randy is the man, so I stand corrected. A huge number of deployed validated modules are now not validated (or rather are revealed to have been so for years). We have a new change letter in the works, so when we submit that revised Security Policy we'll put a statement in it to the effect that previous revisions of the module remain valid. I'll also check with that test lab and see if we can add that wording sooner as this particular change letter is progressing slowly due to technical issues with the new platform. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL FIPS Object Module v1.2
Thanks Steve. I will look out for the update on the CMVP webpage. -Ashit On Fri, Mar 9, 2012 at 1:12 PM, Steve Marquess marqu...@opensslfoundation.com wrote: On 03/09/2012 11:18 AM, Ashit Vora wrote: Steve, Please see response from Randy (CMVP Director) below. It clearly indicates older versions (including v1.2) are no longer considered validated since they are not listed on the website: Randy is the man, so I stand corrected. A huge number of deployed validated modules are now not validated (or rather are revealed to have been so for years). We have a new change letter in the works, so when we submit that revised Security Policy we'll put a statement in it to the effect that previous revisions of the module remain valid. I'll also check with that test lab and see if we can add that wording sooner as this particular change letter is progressing slowly due to technical issues with the new platform. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net
RE: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop
That does sound incredibly powerful (and right up the alley of what I'm try to do) but rather than peppering you with individual questions, is there any documentation other than tackling the code? (even an api man page wrt engine usage would help) E.g. I'd like to specify the location of the windows cert store to look in for the certificate that I want to use being selecting the actual certificate, and it's not clear how I would do that, thanks again for your help ... N --- Nou Dadoun ndad...@teradici.com 604-628-1215 -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: March 9, 2012 10:11 AM To: openssl-users@openssl.org Subject: Re: OpenSSL Windows CryptoAPI certificate and encrypt/decrypt interop On Fri, Mar 09, 2012, Nou Dadoun wrote: I think I'll probably have to jump off that bridge when I get to it, but to make progress I'm going to try to get something going in the interim. I think I'll post some code (I suspect that the padding provided by the capi encrypt/decrypt is somehow different than what openssl is doing - the ms docs are woefully inadequate) but if anyone has pointers on information on how to use the capi engine, I'd greatly appreciate it, thanks! ... N You can actually use the capi ENGINE from the command line to perform private key operations. You specify -engine capi -inform/-keyform engine and the input key parameter can take several forms. The default is a string from the corresponding certificate DN so if it has CN=steve then steve would do. At an API level you use ENGINE_load_private_key(steve) which returns an EVP_PKEY structure which can then be used like any other private key. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Encrypting with openssl and decrypting with capi cryptdecrypt
So here's what I'm trying to do in a unit test, wiring in the method replacement seems to work (i.e. my priv decrypt callback is called at the right place) but the encrypt -- decrypt doesn't work in a unit test so it certainly won't work there or anywhere else. So I load the certificate and get key handles using capi, brief snippets: result =CryptAcquireCertificatePrivateKey( m_pccert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, m_crypto_provider, key_spec, NULL); ... // Get Private Key result = CryptGetUserKey( m_crypto_provider, AT_KEYEXCHANGE, m_cert_key_pair); ... // Get the public key information for the certificate. result = CryptImportPublicKeyInfo( m_crypto_provider, X509_ASN_ENCODING, m_pccert_context-pCertInfo-SubjectPublicKeyInfo, m_cert_public_key); That all works since I can then (pub) encrypt and (priv) decrypt a sample message in capi, I do some other sanity tests and get to my interop test, I load the x509 certificate from the m_pccert_context, i.e. BIO * input = BIO_new_mem_buf_fn ( (void*) m_pccert_context-pbCertEncoded, (UINT32) m_pccert_context-cbCertEncoded); m_x509_cert = d2i_X509_bio_fn(input, NULL); and then pull the public key to encrypt: EVP_PKEY *my_pkey = X509_get_pubkey_fn(m_x509_cert); my_rsa_key-n = BN_dup_fn(my_pkey-pkey.rsa-n); my_rsa_key-e = BN_dup_fn(my_pkey-pkey.rsa-e); When I extract and print the modulus (i.e. the n) from both my_rsa_key and the m_cert_public_key (exported as a PUBLICKEYBLOB), they're the same (but reversed), so I proceed to encrypt my test message with openssl: enc_mess_len = RSA_public_encrypt( strlen(test_mess), (unsigned char *) test_mess, (unsigned char *) enc_mess, my_rsa_key, RSA_PKCS1_OAEP_PADDING); And decrypt with capi: if(!CryptDecrypt( m_cert_key_pair, //__in HCRYPTKEY hKey, NULL,//__in HCRYPTHASH hHash, TRUE,//__in BOOL Final, CRYPT_OAEP, //__in DWORD dwFlags, (BYTE*) enc_mess,//__inout BYTE *pbData, decrypted_len //__inout DWORD *pdwDataLen, )) { // Figure out what went wrong. DWORD last_error= GetLastError(); return -1; } And it always fails with NTE_BAD_DATA. (I've eliminated some function wrappers but this is basically it.) I've tried different padding schemes, e.g. CRYPT_OAEP --- RSA_PKCS1_OAEP_PADDING ?? the default - RSA_PKCS1_PADDING I've tried CRYPT_DECRYPT_RSA_NO_PADDING_CHECK (and get an NTE_BAD_FLAGS error) thanks ms, I've tried reversing the encrypted buffer, all to no avail. Am I missing something here? Thanks in advance N --- Nou Dadoun ndad...@teradici.com 604-628-1215 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Encrypting with openssl and decrypting with capi cryptdecrypt
Sorry I knew I'd forget something, I've put the my_rsa_key declaration and initialization in the right place marked / here / ... N --- Nou Dadoun ndad...@teradici.com 604-628-1215 -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Nou Dadoun Sent: March 9, 2012 12:01 PM To: openssl-users@openssl.org Subject: Encrypting with openssl and decrypting with capi cryptdecrypt So here's what I'm trying to do in a unit test, wiring in the method replacement seems to work (i.e. my priv decrypt callback is called at the right place) but the encrypt -- decrypt doesn't work in a unit test so it certainly won't work there or anywhere else. So I load the certificate and get key handles using capi, brief snippets: result =CryptAcquireCertificatePrivateKey( m_pccert_context, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, m_crypto_provider, key_spec, NULL); ... // Get Private Key result = CryptGetUserKey( m_crypto_provider, AT_KEYEXCHANGE, m_cert_key_pair); ... // Get the public key information for the certificate. result = CryptImportPublicKeyInfo( m_crypto_provider, X509_ASN_ENCODING, m_pccert_context-pCertInfo-SubjectPublicKeyInfo, m_cert_public_key); That all works since I can then (pub) encrypt and (priv) decrypt a sample message in capi, I do some other sanity tests and get to my interop test, I load the x509 certificate from the m_pccert_context, i.e. BIO * input = BIO_new_mem_buf_fn ( (void*) m_pccert_context-pbCertEncoded, (UINT32) m_pccert_context-cbCertEncoded); m_x509_cert = d2i_X509_bio_fn(input, NULL); and then pull the public key to encrypt: / here / RSA* my_rsa_key = RSA_generate_key(1024, RSA_F4, NULL, NULL; EVP_PKEY *my_pkey = X509_get_pubkey_fn(m_x509_cert); my_rsa_key-n = BN_dup_fn(my_pkey-pkey.rsa-n); my_rsa_key-e = BN_dup_fn(my_pkey-pkey.rsa-e); When I extract and print the modulus (i.e. the n) from both my_rsa_key and the m_cert_public_key (exported as a PUBLICKEYBLOB), they're the same (but reversed), so I proceed to encrypt my test message with openssl: enc_mess_len = RSA_public_encrypt( strlen(test_mess), (unsigned char *) test_mess, (unsigned char *) enc_mess, my_rsa_key, RSA_PKCS1_OAEP_PADDING); And decrypt with capi: if(!CryptDecrypt( m_cert_key_pair, //__in HCRYPTKEY hKey, NULL,//__in HCRYPTHASH hHash, TRUE,//__in BOOL Final, CRYPT_OAEP, //__in DWORD dwFlags, (BYTE*) enc_mess,//__inout BYTE *pbData, decrypted_len //__inout DWORD *pdwDataLen, )) { // Figure out what went wrong. DWORD last_error= GetLastError(); return -1; } And it always fails with NTE_BAD_DATA. (I've eliminated some function wrappers but this is basically it.) I've tried different padding schemes, e.g. CRYPT_OAEP --- RSA_PKCS1_OAEP_PADDING ?? the default - RSA_PKCS1_PADDING I've tried CRYPT_DECRYPT_RSA_NO_PADDING_CHECK (and get an NTE_BAD_FLAGS error) thanks ms, I've tried reversing the encrypted buffer, all to no avail. Am I missing something here? Thanks in advance N --- Nou Dadoun ndad...@teradici.com 604-628-1215 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Please Clarify : Unable to verify leaf signature (21)
Thanks Dave. I request you please give more information regarding this error. What exactly it means to me ? I am doing Server Authentication where i keep ROOT cert are my client and Server cert ( could be Selfsigned or chained cert). The issue here is i am facing the below error when ever i am using 2-level-CA cert even more. Alert Level: Fatal, Description: Unable to verify leaf signature (21) Due to my limited knowledge hence I am not sure whether I am using correct command to generate Chained Hirerchy. Please guide me or suggest me. I am creating a 3-Level-CA like this : rootCA--- ServerCA--- ServerCA1- Server. i.e. server cert intermediate CA1 intermediate CA2 root CA Here are the commands OPENSSL req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -config root.cnf OPENSSL x509 -req -in rootreq.pem -sha1 -extfile root.cnf -extensions certificate_extensions -signkey rootkey.pem -out rootcert.pem CAT rootcert.pem rootkey.pem root.pem OPENSSL req -newkey rsa:1024 -sha1 -keyout serverCAkey.pem -out serverCAreq.pem -config serverCA.cnf OPENSSL x509 -req -in serverCAreq.pem -sha1 -extfile serverCA.cnf -extensions certificate_extensions -CA root.pem -CAkey root.pem -CAcreateserial -out serverCAcert.pem CAT serverCAcert.pem serverCAkey.pem rootcert.pem serverCA.pem OPENSSL req -newkey rsa:1024 -sha1 -keyout serverCAkey1.pem -out serverCAreq1.pem -config serverCA1.cnf OPENSSL x509 -req -in serverCAreq1.pem -sha1 -extfile serverCA1.cnf -extensions certificate_extensions -CA serverCA.pem -CAkey serverCA.pem -CAcreateserial -out serverCAcert1.pem CAT serverCAcert1.pem serverCAkey1.pem serverCAcert.pem rootcert.pem serverCA1.pem OPENSSL req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -config server.cnf -reqexts req_extensions OPENSSL x509 -req -in serverreq.pem -sha1 -extfile server.cnf -extensions certificate_extensions -CA serverCA1.pem -CAkey serverCA1.pem -CAcreateserial -out servercert.pem CAT servercert.pem serverkey.pem serverCAcert1.pem serverCAcert.pem rootcert.pem server.pem I used root.pem at Client Side and Server.pem at Server Side. But i am seeing the error Alert Level: Fatal, Description: Unable to verify leaf signature (21) Please help me . Best Regards, S S Rout -- View this message in context: http://old.nabble.com/Please-Clarify-%3A-Unable-to-verify-leaf-signature-%2821%29-tp33457025p33476139.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org