Well, OpenSSL 0.9.6d has definately made a difference, although I wouldn't say anything has improved. I now receive a 'verify error:num=19:self signed certificate in certificate chain'. I'm not sure if that's an improvement or not, but it looks better. Apart from that, on the server side, I now get a slightly more detailed error on what ails it: 'SSL3 alert write:fatal:protocol version' (prior to this, it was just 'unknown error'). So, why would there be a protocol error? I'm using the standard 'imtest' that ships with 2.0.16 compiled against OpenSSL 0.9.6d, so they should be talking the same jive.
Any thoughts on this? Thaddeus Parkinson On Fri, 10 May 2002, Thaddeus Parkinson wrote: > Jason (and the rest of the Cyrusians out there), > > Thanks for the suggestions. The new certs definately get me different > messages. Now I receive a 'verify error:num=27:certificate not trusted' > on the CA file. I think this might be a problem with imtest not trusting > the CA, anybody have any idea of how to make it see the light? 'openssl > verify' has no problem with them... > > However, it still continues past that and dies in the same spot it was > before. Still not sure if they're related; it's quite irksome. > > I have a new option today, though. As if perhaps an answer to my prayers, > the Fates released a new version of OpenSSL last night. I'm going to > upgrade to 0.9.6d. Keep your fingers crossed that it'll miraculously cure > all of my headaches. > > Thanks again, > Thaddeus Parkinson >
