[openssl-users] MTLS verification fails
salil GK
gksalil at gmail.com
Mon Mar 5 05:58:28 UTC 2018
Hi
I am new to certificate management domain. We have a MTLS server. I am
trying to debug the issues between the certificate validation between
client and server.
I used openssl s_client and s_server command to verify if the
certificates are in good shape.
But while doing so - I am getting the following error.
#$ openssl s_client -cert tomcat.pem -key tomcat_priv.pem -CAfile
ca.pem -connect lrc1.cisco.com:8446
-----
#$ openssl s_server -key privkey.pem -cert server.pem -accept 8446
-verify ca.pem
verify depth is 0
Using default temp DH parameters
ACCEPT
depth=2 O = Cisco Systems, CN = trca-4096-sha2
verify error:num=19:self signed certificate in certificate chain
ERROR
verify error:self signed certificate in certificate chain
140011871301248:error:14089086:SSL
routines:ssl3_get_client_certificate:certificate verify
failed:s3_srvr.c:3427:
shutting down SSL
CONNECTION CLOSED
What is the meaning of this error and how do I correct this - ?
Thanks
~S
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180305/3267ed85/attachment.html>
More information about the openssl-users
mailing list