[openssl-users] s_client/s_server trouble
Jan Just Keijser
janjust at nikhef.nl
Fri May 13 11:08:23 UTC 2016
hi all,
I've just run into something weird with openssl 1.0.1 and s_client+s_server:
- I've downloaded and compiled a static version of openssl 1.0.1t on Linux
- I've set up a PKI with a ca.crt file and a server.crt/server.key keypair
- next , I run
~/src/openssl-1.0.1t/apps/openssl s_server -CAfile ca.crt -cert
server.crt -key server.key -dhparam dh2048.pem
- then, with s_client
~/src/openssl-1.0.1t/apps/openssl s_client -CAfile ca.crt -connect
127.0.0.1:4433
and I always end up with
Verify return code: 21 (unable to verify the first certificate)
If I either change s_server *or* s_client to use openssl 0.9.8 then the
above commands work!
What am I missing here?
TIA,
JJK / Jan Just Keijser
More information about the openssl-users
mailing list