29 Dec
2006
29 Dec
'06
11:23 a.m.
Yes, it worked. It came back saying that the certificate has expired, verify
return code: 10. Probably the certificate has expired and I need to generate
the new certificates..
Thanks a lot....
NCheeku
On 12/29/06, Steffen Witt <witt.steffen(a)googlemail.com> wrote:
OK, the certificate authority (CA) is missing in your client command:
openssl s_client ... -CAfile name_of_cafile.pem
In my opinion a client should use a different certificate/private key
pair but signed by the same CA.
Best regards,
Steffen
2006/12/29, Ncheeku Baranov <opensersubscribe(a)gmail.com>om>:
You are correct, so just for the trial purposes
if I want the TLS
handshake
to be successful what credentials for the client
should I use? i.e. can
I do
something like:
openssl s_client -cert user-cert.pem -key user-privkey.pem -state
-connect
10.30.00.41:5061
on doing this it comes back with an error saying Verify Return Code: 21
(Unable to verify the first certificate), Should I be using new
certificates
or with the same set of certificates I can achive
a successful
handshake?
Thanks a lot..
Ncheeku