Hello,
I am trying to export a pkcs12-file using the Openca-Perl-Modules (installed
via CPAN). When i export the file manually from the console, there are no
problems, but from out of a Perl-file it do not want to work. Creating the
request and signing the cert is no problem. Only the pkcs12-expor
Hello,
At the moment I have a site, where a user can login with a certificate I
create and give to him. No problems so far.
But now I want two things:
1.
I would like to write the certificate on a Smartcard, so the user can insert
this smartcard and tip a PIN to authenticate on the server, ins
I got a big problem with SSLVerifyClient. I guess I posted a similar problem
before, but now the error(s?) is really more strange (in my point of view).
I used this tutorial: http://fra.nksteidl.de/Erinnerungen/OpenSSL.php
I hae got two sections. One with only server-side-SSL (works), and a folder
Perhaps someone can help me now. I tried a couple of things last week to
solve my problem, but none of them worked. Now I am running SSL in
debug-mode, so here is a little bit more of the error (this is just a small
extract out of the log-file, the logging goes further, but i think here is
the main
Okay, my certs are looking okay now (if i want to believe "openssl verify").
But still no chance to get in. Now it says after "GET /demo/index.html
HTTP/1.0":
SSL_connect:SSL renegotiate ciphers
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1
/C=DE/ST=test/L=
Okay, first I changed the ns-entries with keyusage, then i put them in both.
None of these works:
Server:
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Key Usage:
Certificate Sig
> If you can post the output of:
>
> openssl x509 -in cert.pem -text -noout
Okay, this comes out with the server.pem (I shortend the Algorithm-Tables
with "...":
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: md5WithRSAEncryption
> could you verify this with
> openssl verify -CAfile cacert.pem -purpose sslserver server.pem and while
you at it:
> openssl verify -CAfile cacert.pem -purpose sslclient user.pem
I guess i should look at my Server-Cert, because with "openssl verify
-CAfile cacert.pem -purpose sslserver server.pe
> What result do you get by an
> openssl s_client -connect test.net:443 \
> -CAfile cacert.pem -verify 5 \
> -cert user.pem -key user.key \
> -reconnect -showcerts -state -bugs
>
> ?
>
> with a input
> GET /demo/index.html HTTP/1.0
I get:
SSL_connect:SSL rene
> You set this with SSLCACertificateFile...
Sorry, but didn't help.
Sven
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated
Hello,
I am using openSSL 0.9.7b on a SuSE 9.0 machine.
I try to configure a site using Client-Verify. But in IE I get an endless
loop, and in Firefox I get "Error -8101". The Log-File says
[error] Re-negotiation handshake failed: Not accepted by client!?
chid pid 10800 exit signal Segmentatio
11 matches
Mail list logo