[openssl-users] (Probably) Silly Application Programming Question
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Jan 11 03:43:29 UTC 2016
On Sun, Jan 10, 2016 at 08:20:41PM -0600, Karl Denninger wrote:
> I found the problem... for an unexplained reason either the certificate
> or key were corrupt; I have added checking to make sure they're
> coherent, as apparently OpenSSL is perfectly happy to load a bogus cert
> (or key) without throwing an error, but won't present them.
You forgot the validate the loaded cert/key combination via:
SSL_CTX_check_private_key(ctx);
which should be called after loading the key and certificate.
--
Viktor.
More information about the openssl-users
mailing list