resumption problem

hamed salini hamedsalini6 at gmail.com
Tue Mar 24 02:42:48 UTC 2020


در تاریخ سه‌شنبه ۲۴ مارس ۲۰۲۰،‏ ۵:۲۰ Viktor Dukhovni <
openssl-users at dukhovni.org> نوشت:

> On Mon, Mar 23, 2020 at 05:27:55PM -0700, Benjamin Kaduk via openssl-users
> wrote:
>
> > > I *think* possibly also the precise nature of that client cert
> > > matters; a testcase I set up away from my production
> > > system failed to induce the error.  The client cert
> > > is loaded using SSL_CTX_use_certificate_chain_file();
> > > the file contains a private-key and a 3-element chain
> > > with a Lets Encrypt cert (leaf, signer, CA-root).
> > > The CA is sha1/rsa, the other two are sha256/rsa.
> >
> > Try omitting the (sha1) CA from the file?
>
> That's not plausibly related to a failure to construct
> the list of CA distinguished names.  The signatures
> are not looked at by the function reporting the error.
>
> --
>     Viktor.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200324/a41d05de/attachment-0001.html>


More information about the openssl-users mailing list