Hello
I see strange behavior of openssl s_client in case of post-handshake authorization with PSK
command lines:
apps/openssl s_client -connect localhost:4433 -tls1_3 -4 -ciphersuites TLS_AES_128_GCM_SHA256 -psk $PSK -enable_pha -cert cert.pem -key key.pem -trace
apps/openssl s_server -accept 4433 -tls1_3 -4 -ciphersuites TLS_AES_128_GCM_SHA256 -psk $PSK -nocert -no_dhe -allow_no_dhe_kex -num_tickets 0 -Verify 3 -CAfile cert.pem -trace
I use self-signed certificates with 1.1.1b branch. when I interactively request the post-handshake authentification, the client sends empty certificate list.
When I use the following command lines, everything is OK:
apps/openssl s_client -connect localhost:4433 -tls1_2 -4 -ciphersuites TLS_AES_128_GCM_SHA256 -cert cert.pem -key key.pem -trace -CAfile cert.pem
apps/openssl s_server -accept 4433 -tls1_2 -4 -ciphersuites TLS_AES_128_GCM_SHA256
-Verify 3 -CAfile cert.pem -key key.pem -cert cert.pem -trace
--
SY, Dmitry Belyavsky
Attachment:
cert.pem
Description: application/x509-ca-cert
Attachment:
key.pem
Description: application/x509-ca-cert
