Re: resumption problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




در تاریخ سه‌شنبه ۲۴ مارس ۲۰۲۰،‏ ۵:۲۰ Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> نوشت:
On Mon, Mar 23, 2020 at 05:27:55PM -0700, Benjamin Kaduk via openssl-users wrote:

> > I *think* possibly also the precise nature of that client cert
> > matters; a testcase I set up away from my production
> > system failed to induce the error.  The client cert
> > is loaded using SSL_CTX_use_certificate_chain_file();
> > the file contains a private-key and a 3-element chain
> > with a Lets Encrypt cert (leaf, signer, CA-root).
> > The CA is sha1/rsa, the other two are sha256/rsa.
>
> Try omitting the (sha1) CA from the file?

That's not plausibly related to a failure to construct
the list of CA distinguished names.  The signatures
are not looked at by the function reporting the error.

--
    Viktor.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux